Embedded insecurity: Broadcom SDK vulnerabilities create lingering risk for router manufacturers
Genesis of ‘forever-day’ vulnerability in Cisco business-grade router line uncovered [...]
Showing only posts by The Daily Swig. Show all posts.
Apache HTTP Server devs issue fix for critical data leak vulnerability – update now
Bug was inadvertently introduced in last month’s security release [...]
OnionShare: Secure communications platform used by whistleblowers and journalists patches data exposure bug
Open source software is used to protect a sender’s identity [...]
Safari adds strict CSP support, catches up with other leading browsers
Apple offers users greater defense against XSS and other vulnerabilities [...]
Let’s Encrypt root cert update catches out many big-name tech firms
Back on the chain gang [...]
Cryptocurrency funds removed from 6,000 Coinbase accounts due to flaw in SMS authentication
Victims are told they will be reimbursed [...]
‘Prolific’ ransomware operators arrested in Ukraine – Europol
Assets also frozen over ‘string of targeted attacks’ against US and European targets [...]
Prototype pollution vulnerabilities rife among high-traffic websites, study finds
Technique is exploitable at scale because it’s so overlooked, speculate researchers [...]
Malicious hackers are exploiting known vulnerabilities because organizations aren’t quick enough to patch – report
Cybercriminals are scanning Shodan for easy marks [...]
US retailer Neiman Marcus notifies 4.6 million customers of data breach
Department store chain forces password reset after discovering 2020 incident last month [...]
Bug Bounty Radar // The latest bug bounty programs for October 2021
New web targets for the discerning hacker [...]
Latest web hacking tools – Q4 2021
We take a look at the latest additions to security researchers’ armoury [...]
RCE vulnerabilities in open source software Cachet could put users at risk
Patches released for status page management system flaws [...]
Navistar confirms data breach involved employee healthcare information
US truck manufacturer breaks bad news to employees and retired workers [...]
What does the future hold for browser security? Check out the latest features destined for mobile and desktop
A rundown of leading web browsers’ privacy and security features – both in place and in the pipeline [...]
WordPress security: CookieYes GDPR plugin patches XSS bug following large-scale PHP audit
Researchers claim five plugins use extract() function insecurely – but some maintainers disagree [...]
Mission accomplished: Security plugin HTTPS Everywhere to be deprecated in 2022
Browser extension can be retired as push to encrypt the web is almost complete, says EFF [...]
Social media scam: Twitter bots are tricking users into making PayPal and Venmo payments into fraudsters’ accounts
Social engineering scammers are using cloned social media accounts to carry out deceit [...]
Better future? Safari browser extension is preparing for Apple’s ‘post-privacy’ world
‘Apple’s plans to violate your privacy have left a sour taste in our mouths’, says developers [...]
Google Chrome to incorporate new secure payment feature
New tech touted as faster and stronger than web-based authentication alternatives [...]
OWASP toasts 20th anniversary with revised Top 10 for 2021
Non-profit confirms latest iteration of web attack hit list during 24-hour live event [...]
VMware vCenter deployments under attack as enterprises urged to update systems
Mass scanning detected after RCE exploits surface online [...]
Opera browser patches My Flow remote code execution vulnerability
A bug bounty hunter was able to pivot from XSS to full-blown RCE [...]
Developers fix multitude of vulnerabilities in Apache HTTP Server
High-impact SSRF and request smuggling bugs among flaws addressed in bumper patch cycle [...]
Meet TruffleHog – a browser extension for finding secret keys in JavaScript code
API keys are accidentally being leaked by websites. Here’s how to find them [...]
« newer articles | page 33 | older articles »