VSCode integration with Mitre ATT&CK framework allows security researchers to maintain focus
Introducing VSCode-ATT&CK [...]
Showing only posts by The Daily Swig. Show all posts.
GoAhead devs fix null byte injection vulnerability in embedded web server
Exploitation requires additional vulnerability or device misconfiguration [...]
WordPress XXE injection vulnerability could allow attackers to remotely steal host files
Researchers provide technical details of bug that was fixed in latest security release [...]
Machine learning security vulnerabilities are a growing threat to the web, report highlights
Security industry needs to tackle nascent AI threats before it’s too late [...]
Passwordstate credentials potentially ‘harvested’ after malicious software update injected into password manager
‘Number of affected customers still appears to be very low’, says latest vendor update [...]
Emotet clean-up: Security pros draw lessons from botnet menace as kill switch is activated
Malware-as-a-Service trailblazer finally zapped out of existence [...]
Dan Kaminsky: Tributes pour in for security researcher who died after short illness
‘We owe him so much... People who will never know his name owe Dan’ [...]
Mining technology company Gyrodata hit by ransomware attack – employee data leaked
Sensitive personal details possibly stolen [...]
CocoaPods RCE exploit exposed keys to repo used by three million mobile apps
Researcher uncovers vulnerability after probing Signal’s iOS source code [...]
Xerox vulnerability disclosure legal threat withdrawn
The researcher said that important information on the vulnerabilities was ‘not suppressed’ [...]
Vulnerability in Homebrew macOS package manager could allow arbitrary code execution
Flaw meant malicious code injected into Cask repo was merged automatically A vulnerability in Homebrew, the enormously popular open source package manager for macOS and Linux, enabled attackers to exe [...]
Ill-advised research on Linux kernel lands computer scientists in hot water
University of Minnesota banned from Linux kernel contributions in fallout over buggy commits experiment [...]
‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market
Vulnerability disclosure platform driven by ‘transparency and fairness’, with over 500,000 bugs fixed since 2014 [...]
Ransomware attacks on shipping, logistics organizations rising as coronavirus vaccine supply chain targeted
No honor among thieves [...]
Valve belatedly fixes Steam gaming platform RCE vulnerability
One flaw fixed after criticisms about delays, but second longstanding security bug remains unaddressed [...]
Don’t panic! DEF CON warrant canary confusion blamed on ‘CMS mistake’
It ain’t the feds, just gremlins in the system [...]
Zero-day vulnerabilities in SonicWall email client led to network access, backdoors installed
Unknown adversary found to be exploiting security flaws in the wild [...]
Telecoms industry facing increased DDoS attacks, report warns
New research from Cloudflare details cyber-attack trends of 2021 so far [...]
QNAP fixes critical RCE vulnerabilities in NAS devices
Taiwanese vendor also issues mitigations for quartet of other serious flaws [...]
Vulnerability in Nagios XI exploited by cryptojacking crooks to hijack systems
Security flaw discovered in network monitoring software [...]
Django Debug Toolbar tripped up by SQL injection flaw
Doctored forms pose threat to web framework DevOps plugin [...]
Codecov users warned after backdoor discovered in DevOps tool
Credential-slurping code lingered in Bash Uploader script for months [...]
Drinks giant C&C Group subsidiary shuts down IT systems following security incident
Staff at Matthew Clark Bibendum are ‘fulfilling orders manually’ while they restore systems [...]
Researchers trick Duo 2FA into sending authentication request to attacker-controlled device
Something you know, something you hack [...]
Swiss Post launches public bug bounty program with YesWeHack
Switzerland’s national mail carrier asks more security researchers to test its networks [...]
« newer articles | page 47 | older articles »