Black Hat USA: Downgrade attack against Let’s Encrypt lowers the bar for printing fraudulent SSL certificates
German researchers circumvent key web security mechanism [...]
Showing only posts by The Daily Swig. Show all posts.
Dispute erupts between Chaos Computer Club and Germany’s CDU after activist finds alarming data leak
Christian Democratic Union spokesperson says police report was not directed at security researcher [...]
Enfilade: Open source tool flags ransomware and bot infections in MongoDB instances
Malware research tool lands on GitHub after Covid-related cancellation of Black Hat presentation [...]
Writers’ block? Tools that simplify the report-writing process allow security researchers to ‘focus on the fun part’
Importance of communication brought into focus at Black Hat USA this week [...]
Bow to the USBsamurai: Malicious USB cable leaves air-gapped networks open to attack
Open source hacking tool costs less than $15 to produce [...]
Black Hat USA: HTTP/2 flaws expose organizations to fresh wave of request smuggling attacks
Security researcher James Kettle digs deep into the web stack to reveal some shiny new attack surface [...]
Black Hat USA 2021: Lessons to learn from the aviation sector after Biden mandates cyber-attack investigatory body
‘We might not make cyber-attacks as rare as airline disasters, but we can hopefully make them a more manageable problem’ [...]
Black Hat Briefings: Hosted DNS configuration flaws risk leaking corporate network topologies
AWS Route 53 plugs security hole, but other managed DNS platforms are potentially vulnerable, researchers warn [...]
Black Hat USA: Credential leak detection tool Scrapesy aims to reduce incident response times
Dual-purpose hacking tool was demonstrated at the Arsenal track of the security conference this week [...]
Pakistan government approves new cybersecurity policy, cybercrime agency
New policy welcomed as much-needed improvement to ‘poorly implemented’ Prevention of Electronic Crime Act [...]
Black Hat 2021: WARCannon simplifies web-wide vulnerability research
‘Even the most resource-constrained researcher can now add web-scale analysis to their arsenal’ [...]
Black Hat 2021: Zero-days, ransoms, supply chains, oh my!
Stolen zero-days are fueling ‘out-of-control’ supply chain attack problem, warns former cyber-spy [...]
Decade-long vulnerability in multiple routers could allow network compromise
Devices using Arcadyan software are at risk [...]
Vulnerability in dating site OkCupid could be used to trick users into ‘liking’ or messaging other profiles
Miscreants could also potentially see dating profiles of logged-in victims [...]
Security researcher finds dangerous bug in Chromium, nabs $15,000 bounty
Site isolation security break uncovered [...]
Four-fold increase in software supply chain attacks predicted in 2021 – report
EU study warns of growing trend where one attack can leave countless organizations vulnerable [...]
Data breach class actions: US Supreme Court decision may tilt the odds in favor of defendant organizations
TransUnion opinion raises bar for bringing federal class action lawsuits – but state courts offer breach victims a more viable alternative route, writes David Oberly [...]
Critical flaws in TransLogic Pneumatic Tube System could see attackers sabotage hospital operations
Vendor Swisslog urges more than 3,000 hospitals worldwide to apply patch ASAP [...]
UK universities awarded funding for research into IoT, smart home security
Academics say that smart technology is a ‘balancing act’, and that consumers need to be aware of the risks [...]
Bug Bounty Radar // The latest bug bounty programs for August 2021
New web targets for the discerning hacker [...]
Dropbox researchers develop tool to detect lateral movement attacks against enterprise networks
‘Hopper’ delivered better detection and much reduced false alarms in early tests [...]
Aaron Portnoy – ‘There’s no silver bullet for ransomware or supply chain attacks’
‘We don’t have the luxury of starting over,’ offensive security specialist warns in wide-ranging interview INTERVIEW Aaron Portnoy confesses to periodic bouts of imposter syndrome, despite having carv [...]
Entertainment tech provider D-Box recovering from ransomware attack
Cyber-attack ‘limited to internal systems’ [...]
Arrests made over European ATM ‘jackpotting’ spree
Attacks combined physical and digital exploits to land criminals $273,000 [...]
Finders, cheaters: RCE bug in Moodle e-learning platform could be abused to steal data, manipulate results
Researchers warn of critical vulnerability in popular education management system [...]
« newer articles | page 38 | older articles »