LAS VEGAS — In cybercrime, as in most areas of crime (or business), the more things change, the more they stay the same.

The emergence of Petya/NotPetya and other virulent forms of malware have showcased how the best and most successful black-hat hacks are not entirely new—bad actors simply take older, more established approaches or attack vectors and add a new twist. And so it is with PHP unserialization attacks, as showcased at the Black Hat conference earlier this month by Sam Thomas, director of research for Secarma Ltd, an information security consultancy.

To read this article in full, please click here