Hacker community jumps on hilarious Twitter meme mocking bad infosec advice from CISOs
Satirical hot takes from non-technical position holders [...]
Showing only posts by The Daily Swig. Show all posts.
Vulnerability in Microsoft Teams granted attackers access to emails, messages, and personal files
Security bug in the popular workspace app has been patched [...]
US Computer Fraud and Abuse Act: What the ‘landmark’ Van Buren ruling means for security researchers
Industry breathes a sigh of relief as legal threat recedes [...]
Thousands of VMWare vCenter Server instances still unpatched against critical flaws three weeks post-disclosure
Vulnerabilities could allow an attacker to execute commands with unrestricted privileges [...]
Security researcher turns Apache Airflow into bug bounty cash cow
$13,000 banked through scan and exploit attack methodology [...]
Asian e-commerce giant Lazada launches first public bug bounty program
Popular online shopping platform is offering up to $10k for ‘max critical’ vulnerabilities [...]
Android screen lock protection thwarted by Facebook Messenger Rooms exploit
Researcher earns $3,000 bug bounty after compromising Facebook accounts on screen-locked devices [...]
Cybersecurity for charities: How to protect your non-profit from cyber-attacks
Top tips on thwarting data breaches, ransomware, and more from infosec experts [...]
CD Projekt Red: Games developer releases more details about cyber-attack that exposed private data
Polish gaming company reported security incident to multiple law enforcement agencies [...]
SIP protocol abused to trigger XSS attacks via VoIP call monitoring software
SIP devices could become unwitting access points for remote attacks on critical systems [...]
Al Jazeera repels cyber-attacks that sought to disrupt media network
Attacks ‘aimed at accessing, disrupting, and controlling’ news platform thwarted [...]
CVE board slams Distributed Weakness Filing project for publishing ‘unauthorized’ CVE records
Concerns have been raised that the DWF project is causing “confusion” in the community [...]
IoT security: Researchers discover Stem Audio smart speaker eavesdropping risk
Conference room hardware hack symptomatic of more general malaise, warn security researchers [...]
Google Chrome Web Store is ranking suspicious web extensions above popular plugins
Privacy add-ons uBlock Origin and AdGuard are among the affected apps [...]
Colonial Pipeline cyber-attack: US authorities seize $2.3m in DarkSide ransomware payments
Funds represent a ‘significant portion’ of proceeds for those behind critical infrastructure attack [...]
‘Being serious about security is a must’ – Apache Software Foundation custodians on fulfilling its founding mission
Board members offer a behind-the-scenes look at the non-profit [...]
Dual vulnerability combo in popular CMS Joomla could lead to full system compromise
Patched finally issued following difficult triage and disclosure process [...]
US government launches first VDP for federal civilian agencies
Bug bounty vendor Bugcrowd to oversee the project [...]
US government launches first VDP program for federal civilian agencies
Bug bounty vendor Bugcrowd to oversee the project [...]
GitHub changes policy to welcome security researchers
Coding platforms explicitly permits proof of concept exploits [...]
Critical zero-day vulnerabilities found in ‘unsupported’ Fedena school management software
Users urged to migrate to alternative application, with open source project long since abandoned [...]
Security vulnerability in Hyperkitty could expose private data
Users of the Mailman newsletter management service should patch now [...]
Microsoft debuts Automatic HTTPS for Edge in secure browsing upgrade
The feature can be used to automatically switch from HTTP to HTTPS [...]
Korenix patches multiple critical vulnerabilities in networking devices
Security flaws could allow attackers unauthorized access [...]
Get the message: Organizations without vulnerability disclosure policies failing to address researchers’ security warnings
Ethical hackers frequently report security flaws outside of VDPs – often to no avail [...]
« newer articles | page 43 | older articles »