Russian man sentenced to prison for ‘crypting’ service that concealed malware from antivirus programs
Underground service promised to render malicious software fully undetectable by nearly every major antivirus provider [...]
Showing only posts by The Daily Swig. Show all posts.
‘Log4Shell’ vulnerability poses critical threat to applications using ‘ubiquitous’ Java logging package Apache Log4j
‘Scope and potential impact unlike any component vulnerability I can recall’ [...]
Human error bugs increasingly making a splash in hacker-powered pen tests – report
HackerOne study charts effects of digital transformation and cloud migration [...]
OWASP ModSecurity Core Rule Set sandbox launched to help security researchers test new CVEs
Free-to-use feature can help users gauge whether the CRS protects against payloads [...]
US food importer Atalanta admits ransomware attack
Multiple questions remain about July data breach [...]
Grafana urges web devs to update following path traversal bug disclosure
‘With all good intentions, I had placed the Grafana team in a bit of a stressful situation,’ researcher admits [...]
GOautodial vulnerabilities put call center network security on the line
Now-patched bugs were easy to exploit, but required prior authentication/network access [...]
US Department of Homeland Security heeds calls for tougher transport cybersecurity rules
TSA issues mandatory requirements for ‘high-risk’ rail infrastructure [...]
Flaws in Tonga’s top-level domain left Google, Amazon, Tether web services vulnerable to takeover
Misaligned incentives are undermining efforts to tackle TLD bugs with ‘mass-scale impact’ [...]
Drive-by RCE in Windows 10 ‘can be executed with a single click’
Underlying security vulnerability is still present in popular OS, researchers warn [...]
Critical web security flaws in Kaseya Unitrends backup appliances remediated after researchers’ disclosure
Two critical flaws addressed in cloud storage patch batch [...]
SSRF vulnerability patched in Jamf Pro mobile security platform
Apple MDM service forced to execute arbitrary web requests [...]
Web security bugs discovered in CATIE assisted living framework
Care home communications tool conundrum [...]
Critical vulnerabilities in open source forum software NodeBB could lead to RCE
Personal data, account access is at risk [...]
Crypto-exchange BitMart reports $150 million theft following hack
Security firm said attackers executed a ‘transfer-out, swap, and wash’ [...]
Pip-audit: Google-backed tool probes Python environments for vulnerable packages
‘Good initial results’, says one early adopter [...]
US identity thieves jailed over $130,000 scam that targeted the elderly
Dark web fraudsters caught after stealing the identities of murder victims [...]
FTC implements tougher data protection rules to safeguard customer information
New requirements for financial institutions include vulnerability assessments, employee training [...]
Ransomware groups increasingly using data leak threats to pile pressure on victims
Nearly one in three victims succumb to extortion, estimates Group-IB [...]
Insider threat: Tech firm was hacked and extorted by its own employee, says FBI
Senior developer also accused of posing as anonymous whistleblower [...]
Data breach at Florida school district impacts 50,000 students and employees
Broward County School District backtracks after ransomware attack [...]
‘Over-permissive’ authentication checks left 190 Australian organizations vulnerable to business email compromise attacks
Mail servers readily hijacked due to MSP oversight [...]
Sixth member of notorious SIM-swapping cybercrime gang sentenced
US crime syndicate ‘The Community’ stole millions of dollars’ worth of cryptocurrency [...]
Web cache poisoning bug discovered in Symfony PHP framework
Vulnerability in open source project has since been patched [...]
Bug Bounty Radar // The latest bug bounty programs for December 2021
New web targets for the discerning hacker [...]
« newer articles | page 27 | older articles »