WordPress plugin vulnerability opened up one million sites to remote takeover
Gaping OptinMonster security hole patched [...]
Showing only posts by The Daily Swig. Show all posts.
Critical flaw in GoCD provides platform for supply chain attacks
Vulnerability in software used by Fortune 500 firms raises fears of SolarWinds-like impact [...]
Video conferencing platforms must improve privacy for users, data protection authorities warn
New cross-country report highlights need for better policies [...]
‘Professional cybercriminals’ blamed for DDoS attacks against UK telecoms providers
Packet in, says industry group [...]
Data breach at Colorado university impacts 30,000 students
Atlassian vulnerability believed to be attack vector [...]
Attack the block – How a security researcher cracked 70% of urban WiFi networks in one hit
A new attack takes advantage of weak WiFi passwords [...]
Infosec skills gap widens in all regions bar Asia-Pacific – report
Overall worldwide shortfall shrinks 400k to 2.7m unfilled positions [...]
SQL injection flaw in billing software app tied to US ransomware infection
BillQuick customers blindsided by recently patched web security flaw [...]
Africa sees increase in ransomware, botnet attacks – but online scams still pose biggest threat
Fraud is still the primary goal of cybercriminals operating across the continent, Interpol warns in latest market report [...]
Popular NPM package UA-Parser-JS poisoned with cryptomining, password-stealing malware
Developer moves quickly to address vulnerabilities after his account was compromised [...]
Discourse fixes critical validation-related vulnerability in forum software
We need to talk about lack of validation [...]
Polygon pays out record $2 million bug bounty reward for critical vulnerability
Ethical hacker bags top prize for double spend flaw in smart contract [...]
Node.js sandboxes are open to prototype pollution
Sandbox breakout can lead to remote code execution, researchers warn [...]
Swiss exhibitions organizer MCH Group hit by cyber-attack
Investigations yet to confirm if any data was exfiltrated [...]
Japanese punctuation exacerbates privacy flaw that leaks one-word search terms in Google, Firefox browsers
Researcher questions efficacy of proposed remedies as debate rumbles on 18 months after disclosure [...]
EU ban on anonymous domain registration welcomed by threat intel firm
‘This raises the bar and makes it expensive for easy cyber criminality,’ argues DomainTools [...]
New bug bounty platform launches for Indian ethical hackers
Security researchers can sign up now [...]
Bulletproof hosting duo jailed over support of cyber-attacks against US targets
Attacks leveraging defendants’ infrastructure inflicted heavy financial losses on victims [...]
Security pre-advisories: A simple way to improve the patch management process
Improving enterprise security, one patch at a time [...]
Historic scientific notation bug foils WAF defenses
AWS WAF and ModSecurity get ‘blinded by science’ [...]
Slack contains an XSLeak vulnerability that de-anonymizes users
Research inspired by similar flaws previously unearthed in Facebook, Twitter, and Microsoft Live [...]
(ISC)² hopes diversity drive will hasten glacial progress on plugging infosec workforce gap
CEO tells (ISC)2 Security Congress how orgs should rethink hiring strategies [...]
L0phtCrack password auditing tool goes open source
Original developers invite OS community to develop further capabilities [...]
Node.js was vulnerable to a novel HTTP request smuggling technique
Bad line termination and incorrect parsing of chunk extensions exposed one of two HRS flaws [...]
Bugs in malware create ‘backdoors’ for security researchers
Black hat trickery switched around to boost security defenses [...]
« newer articles | page 31 | older articles »