Zero-day flaws in IoT baby monitors could give attackers access to camera feeds
Customers should ‘stop using devices altogether’, say researchers [...]
Showing only posts by The Daily Swig. Show all posts.
Node.js archives serious tar handling vulnerabilities with software update
Enter the tar pit [...]
‘Stalkerware’ vendor SpyFone barred from surveillance market, FTC announces
Stalkers and domestic abusers can use app to ‘stealthily track’ victims, says watchdog [...]
Mozilla offers transparency by publishing VPN audit
Non-profit reveals more favorable results than those uncovered by similar review last year [...]
CREST: NCC Group ‘vicariously responsible’ for those involved in exam controversy
Security consulting firm insists no student gained an unfair advantage [...]
Eight US financial services firms given six-figure fines over BEC data breaches
Thousands of victims involved as separate report warns of wider rise in brute-force attacks against accounts [...]
Singapore government launches bug bounty program for digital services
Monetary rewards for ethical hackers [...]
Bug Bounty Radar // The latest bug bounty programs for September 2021
New web targets for the discerning hacker [...]
Microsoft Exchange Server had ‘ProxyToken’ vulnerability that leaked incoming emails
Patched authentication bypass comes in wake of widespread exploitation of ‘ProxyShell’ vulnerabilities [...]
Deserialization bug in TensorFlow machine learning framework allowed arbitrary code execution
Developers revoke YAML support to protect against exploitation [...]
Microsoft warns of critical Azure Cloud vulnerability impacting Cosmos DB accounts
Researchers say the issue has been exploitable for ‘months’ [...]
Annke network video recorder vulnerability could see attackers seize control of security cameras
Malicious hackers could access and delete footage or disable cameras [...]
Ransomware attack at Singapore eye clinic potentially breaches 73,000 patients’ data
Healthcare provider hit by cyber-attack earlier this month [...]
Cybercrime triathlete jailed for 11 years over trio of online scams
Romanian national sent down after admitting vishing, phishing, and money laundering rackets [...]
‘Trilateration’ vulnerability in dating app Bumble leaked users’ exact location
Attack built on previous Tinder exploit earned researcher – and ultimately, a charity – $2k [...]
Breach at Deep South allergy clinic group exposed the health info of estimated 9,800 patients
Data leak might be linked to ransomware gang's data dump [...]
UK firm accused of bullying small businesses with CSP patent infringement letters backtracks
Datawing disavows CSP nonce legal offensive [...]
Citrix quietly restores vulnerability credits to Positive Technologies researchers after Russian infosec firm’s erasure
One of two deleted credits was for the most frequently targeted flaw of 2020 [...]
Rampant misconfigurations in Microsoft Power Apps exposed 38 million records
Microsoft makes OData APIs privacy-preserving by default after revelations [...]
US and Singapore sign agreement to bolster cybersecurity across government agencies
Memorandum of Understanding will strengthen knowledge sharing practices [...]
Founder of bitcoin money laundering service admits $300 million racket
Helix unwound as bitcoin tumbler kingpin faces long prison sentence [...]
Critical vulnerabilities in web file manager elFinder leave servers susceptible to takeover
Immediate triage urged as researchers warn in-the-wild exploitation likely [...]
Mozi malware modified to present a more potent threat to industrial control systems
Routers compromised to run attacks, plant ransomware [...]
US healthcare org sends data breach warning to 1.4m patients following ransomware attack
Attackers gained access to St. Joseph’s/Candler network in December last year [...]
Good education: Cyber awareness initiative aims to close infosec workforce gap with free school curriculum
Cyber.org leads program to bring better cybersecurity to US classrooms [...]
« newer articles | page 36 | older articles »