Researchers discover Log4j-like flaw in H2 database console
Impact of JNDI bug mitigated by vulnerable behavior being disabled by default [...]
Showing only posts by The Daily Swig. Show all posts.
Latest WordPress security release fixes XSS, SQL injection bugs
Quartet of software flaws addressed ahead of next major release of popular CMS [...]
Internet Bug Bounty: High severity vulnerability in Apache HTTP Server could lead to RCE
Buffer overflow flaw should be patched immediately [...]
Java RMI services often vulnerable to SSRF attacks – research
Trust boundaries breached by security shortcomings [...]
New York Attorney General flags 1.1 million online accounts compromised by credential stuffing attacks
Bureau of Internet and Technology helped affected organizations secure accounts and bolster defenses [...]
Kazakhstan government shuts down internet following country-wide protests
This isn’t the first time the landlocked nation has restricted web access for citizens [...]
Insecure Amazon S3 bucket exposed personal data on 500,000 Ghanaian graduates
Cloud storage misconfiguration left sensitive data openly accessible [...]
Prosecutors file additional charges against former Uber security chief over 2016 data breach ‘cover up’
Alleged misuse of bug bounty and failure to disclose breach leads to criminal charges [...]
Web skimming attacks on hundreds of real estate websites deployed via cloud video hosting service
Attackers leverage software supply chain to compromise high-traffic sites [...]
Indian academic bookseller Oswaal Books fixes alleged RCE and other serious vulnerabilities with Shopify relaunch
Researcher claims he found RCE, authentication bypass, CSRF flaws [...]
US retailer PulseTV warns of apparent credit card data breach
Payment system updated amidst fears 200,000 records may have been exposed [...]
Latest web hacking tools – Q1 2022
We take a look at the latest additions to security researchers’ armory [...]
Researcher discovers 70 web cache poisoning vulnerabilities, nets $40k in bug bounty rewards
Targets included GitHub, GitLab, HackerOne, and Cloudflare [...]
Security done right: Celebrating infosec wins in 2021
Kudos to Tonga’s ccTLD, the US Supreme Court, and others... [...]
The Matrix Resurrections review: Latest film instalment offers nostalgia but no denouement
Déjà vu isn't what it used to be [...]
Bug Bounty Radar // The latest bug bounty programs for January 2022
New web targets for the discerning hacker [...]
HCL DX vendor ‘could not reproduce’ allegedly critical vulnerabilities
Disclosure process for bugs in HCL DX – formerly WebSphere Portal – seemingly went awry [...]
HCL Technologies patches serious vulnerabilities in HCL DX
Disclosure process for bugs in HCL DX – formerly WebSphere Portal – initially went awry [...]
Swig Security Review 2021 – Part II
Key thinkers on the biggest security stories and trends in 2021 [...]
Swig Security Review 2021 – Part I
Key thinkers on the biggest security stories and trends in 2021 [...]
LastPass quells cyber-attack fears, blames email notification surge on ‘glitch’
Password vault investigation reveals no evidence of credential stuffing activity [...]
Indian authorities set to tighten data breach laws in 2022
Credit card storage rules and 72-hour breach notification deadline due to come into play next year [...]
#12DaysofSwigmas – Happy Holidays from The Daily Swig
On the 12th Day of Swigmas, The Daily Swig gave to me... [...]
Raimund Genes Cup: Trio of near misses ends as PwnThyBytes finally claims CTF title
A dozen teams competed in cloud, IoT, OSINT, forensics, and machine learning challenges [...]
Popular WordPress platform Flywheel vulnerable to subdomain takeover, researcher claims
Malicious actors could wreak havoc by impersonating legitimate websites [...]
« newer articles | page 25 | older articles »