Wireless coexistence – New attack technique exploits Bluetooth, WiFi performance features for ‘inter-chip privilege escalation’
Attackers can use connections between wireless chips to steal data or credentials, researchers find [...]
Showing only posts by The Daily Swig. Show all posts.
US clothing supplier Pro Wrestling Tees hit by data breach
Law enforcement alerted company to compromise of payment card info [...]
Bug bounty platforms handling thousands of Log4j vulnerability reports
Leading platforms report back from the front line as vendors grapple with landmark bug UPDATED Bug bounty hunters have already submitted thousands of vulnerability reports related to the Apache Log4j [...]
Anti-cheating browser extension fails web security examination
XSS flaw in Proctorio gets resolved [...]
Multiple vulnerabilities in Microsoft Teams could spoof URLs, leak IP addresses
Only one of the issues has so far been patched [...]
Survey scams rekindled using advertising industry tricks to deliver tailor-made assaults
More bad men than Mad Men [...]
Safe browsing: Google fixes Chrome Site Isolation bypass bug
Vulnerability in Chrome’s service worker feature created chink in browser’s armor [...]
Ubisoft confirms Just Dance video game data breach
Developer said no accounts had been improperly accessed [...]
Security researcher earns plaudits after discovering Yandex SSRF flaw
Russian language search engine has secured its backend infrastructure [...]
Healthcare provider Texas ENT alerts 535,000 patients to data breach
Unauthorized intruder exfiltrated personal data over a six-day period [...]
Teen hacker scoops $4,500 bug bounty for Facebook flaw that allowed attackers to unmask page admins
High-impact privacy bug in Facebook’s Android app now fixed [...]
Ukraine hosts large-scale simulation of cyber-attack against energy grid
SANS Institute’s latest Grid NetWars competition involved 250 security pros from Ukraine [...]
Respect in Security: Anti-harassment infosec industry group gains momentum with code of conduct campaign
Take the pledge, companies are urged [...]
Desjardins data breach: Class action lawsuit agreement reaches $201 million
Final amount to be confirmed in 2022 [...]
SAP squashes SQL injection, XSS bugs in December patch round
CVSS severity scores range from 2.4 to 9.9 [...]
UK government reveals plans to become ‘global cyber power’ in 2022
National Cyber Security Centre leads scheme to increase capabilities [...]
How expired web domains help criminal hackers unlock enterprise defenses
Allow domains to ‘drop’ and you’re increasing the effectiveness of a variety of attacks [...]
Propane distributor Superior Plus admits ransomware breach
Clean up and damage assessment underway [...]
Log4j: Security pros call for urgent patch implementation as in-the-wild exploitation continues
Initial, ‘incomplete’ patch created path to denial-of-service attacks [...]
US government launches ‘Hack the DHS’ bug bounty program
Initiative will also invite selected security researchers to a live hacking event [...]
PyPI admins remove three malicious packages after more than 10,000 downloads
Two packages lay undiscovered for 10 months [...]
Severe Chrome bug allowed RCE on devices running remote headless interface
Attackers could read and write arbitrary files to a device’s hard drive [...]
Cybercrime forums developing court-like system for dispute resolution
Too hot-to-handle ransomware excluded from scheme [...]
Intel adds payout bonuses as it migrates bug bounty program to Intigriti
Payout ceiling lifted from $100,000 to $150,000 for 12-month bonus period [...]
Zero-day vulnerability in Hillrom cardiology devices could allow attackers full control
Security flaw will be addressed in the next release [...]
« newer articles | page 26 | older articles »