Pega Infinity hotfix released after researchers flag critical authentication bypass vulnerability
Flawed password reset system opened the door to full account takeover [...]
Showing only posts by The Daily Swig. Show all posts.
Four plead guilty to providing ‘bulletproof’ hosting services for cybercriminals
Eastern European nationals admit to renting out resources to launch malware attacks and conduct other fraudulent activities [...]
Remote Mouse mobile app contains raft of zero-day RCE vulnerabilities
Remote control app for desktop PCs has surpassed 20m users, says vendor [...]
What the FLoC? Everything you need to know about Google’s new ad tech that aims to replace third-party cookies
Will ‘Federated Learning of Cohorts’ preserve user privacy? The jury is still out [...]
Researcher calls out privacy flaw in Twitter’s new ‘Tip Jar’ donation feature
Social media platform promises to warn donors that their address is leaked by PayPal when tipping other users [...]
Troy Hunt at Black Hat Asia: ‘We’re making it very difficult for people to make good security decisions’
Have I Been Pwned founder’s keynote offered a sobering counterpoint to the well-meaning ‘World Password Day’ [...]
Researcher discovers vulnerabilities in Azure Functions, stumbles across false oracle
Potential catastrophe averted due to an implementation bug in Microsoft cryptography [...]
Mauritian government’s plan to intercept encrypted web traffic marks ‘death knell for freedom of speech’
Privacy and security advocates slam proposal that would allow authorities to ‘inspect’ all social media traffic [...]
US Department of Defense expands vulnerability disclosure program
DoD networks, IoT devices, and industrial control systems now in play [...]
Multiple critical vulnerabilities in Exim email server software pose RCE risk
Msg spool attack threat [...]
Google and Mozilla unveil plans to bake HTML sanitization into their browsers
Tech giants take aim at client-side scripting attacks [...]
Google and Mozilla will bake HTML sanitization into their browsers
Tech giants take aim at client-side scripting attacks [...]
Pulse Connect Secure zero-day stars in critical patch batch
System updates urgent amid exploitation by nation-state attackers [...]
XSS in the wild: JavaScript-stuffed orders used to compromise Japanese e-commerce sites
Website vulnerabilities abused in new hacking campaign [...]
PHP package manager flaw left millions of web apps open to abuse
Fix released for decade-old supply chain vulnerability impacting Composer [...]
UK Computer Misuse Act: Lord Chris Holmes CBE on the CyberUp campaign’s call to overhaul ‘archaic’ legislation
Government peer tells The Daily Swig that legislators should aim to future-proof UK cybercrime laws [...]
Bug Bounty Radar // The latest bug bounty programs for May 2021
New web targets for the discerning hacker [...]
Stored XSS vulnerability patched in open source firewall pfSense
The vulnerability could be weaponized to execute arbitrary code in a victim’s browser [...]
Raising the bar: Tiki app aims to hand ownership of personal data back to the individual
More than 10,000 users have already signed up for access prior to Tiki’s launch in June [...]
Raising the bar: Tiki app hands ownership of personal data back to the individual
More than 10,000 users have already signed up for access prior to Tiki’s launch in June [...]
Raising the privacy bar: Tiki app aims to hand ownership of personal data back to the individual
More than 10,000 users have already signed up for access prior to Tiki’s launch in June [...]
Time to update DNS servers to defend against brace of serious BIND vulnerabilities
Denial of service and buffer overflow bugs addressed in latest security release [...]
Covid-19, breath alcohol test results of 164,000 Wyoming residents mistakenly exposed on GitHub
Wyoming health department employee uploaded sensitive data to software code repositories [...]
Google Android’s implementation of privacy-preserving contact tracing ‘flawed’
Tech giant downplays location and Covid-states leakage concerns [...]
Musical instrument marketplace Reverb suffers data breach
Chicago-based company confirms security incident, asks users to reset passwords [...]
« newer articles | page 46 | older articles »