Mercedes-Benz USA admits some customers’ credit card details, driver’s license numbers were accessible for 3.5 years
Fewer than 1,000 individuals impacted by bungle [...]
Showing only posts by The Daily Swig. Show all posts.
Instagram vulnerability nets researcher $30k after exposing users’ private content
Private posts, stories, video reels, and IGTVs were accessible [...]
Ukrainian man sentenced to prison for his part in billion-dollar FIN7 cybercrime campaign
High-profile threat group sold stolen credit and debit card payment information [...]
Security organizations join forces with EFF to lobby for DMCA reform
‘Good faith’ security research needs shielding from legal blunderbuss [...]
‘LEXSS’ injection: How to bypass lexical parsers by abusing HTML parsing logic
Researcher digs deeper into technique that uncovered flaws in popular WYSIWYG HTML text editors [...]
West Virginia job seekers alerted to gov’t employment agency data breach
WorkForce West Virginia’s MACC database was compromised earlier this year [...]
Misconfigurations in most Active Directory environments create serious security holes, researchers find
One default configuration deemed problematic failed meet Microsoft’s ‘bar for a security update’ [...]
EU pushes plans for Joint Cyber Unit in fight against increased cyber-attacks
Plans to form a cross-border rapid response security team are stepped up [...]
Data breach at US eye clinic impacting 500,000 patients potentially exposed private medical information
Organization blames ‘targeted cyber-attack’ [...]
Zero-day vulnerabilities in Pling leave Linux marketplaces open to RCE, supply chain attacks
Security researcher warns against running PlingStore Electron or visiting affected websites [...]
European Commission to hold ‘hackathon’ in bid to secure data sharing across EU
Week-long competition asks for hackers’ help in solving ‘complex’ issue [...]
Asia-Pacific internet registry APNIC says WHOIS admin passwords were mistakenly exposed for three months
Internet org downplays threat to integrity of domain name registry [...]
Zero-encryption zero-day – Android fitness app caught sending data in clear text
VeryFitPro flaw decidedly unhealthy for user privacy [...]
Intent redirection vulnerabilities in popular Android apps spotlight danger of dynamic code loading, warn researchers
Bug could allow a malicious app to steal a plethora of sensitive data from user’s device [...]
CSP bypass: How one Chrome XSS bug took 2.5 years and an HTML spec change to fix
Browser flaw enabled XSS attacks on protected pages [...]
US supermarket chain Wegmans suffers data breach due to ‘misconfigured’ databases
Personal information belonging to customers was available online since late April [...]
NIST charts course towards more secure supply chains for government software
Preliminary ideas emerge for more effective, ecosystem-wide standards and guidelines [...]
NIST, Google chart course towards more secure software supply chains
Momentum building for effective, ecosystem-wide standards and guidelines [...]
Healthcare vendor Zoll patches high-risk vulnerabilities in defibrillator management software
Anonymous tip-off helps improve healthcare security landscape [...]
XSS flaw in Wire messaging app allowed attackers to ‘fully control’ user accounts
Security fixes pushed down the wire [...]
GitLab fixes serious SSRF flaw that exposed orgs’ internal servers
DevSecOops [...]
Google abandons plans to simplify URLs in Chrome following real-world testing
Grand omnibox experiment failed to hit the mark [...]
UK legal firm Gateley warns of data breach following cyber-attack
‘Core systems’ restored after unauthorized intrusion compromises client data [...]
US man accused of 2010 DDoS attack on Santa Cruz government arrested
Defendant said to have fled following allegations related to cyber-attack [...]
Google open-sources tools to bring fully homomorphic encryption into the mainstream
Cryptographic expertise not needed to enable computations on encrypted data, says tech giant [...]
« newer articles | page 42 | older articles »