Brace of Icinga web vulnerabilities ‘easily chained’ to hack IT monitoring software
Open source IT monitoring system gets patched [...]
Showing only posts in The Daily Swig. Show all posts.
Ukrainian hacker jailed for selling account credentials on the dark web
Botnet operator had thousands of hacked credential listings, according to the DoJ [...]
Marcus Hutchins on halting the WannaCry ransomware attack – ‘Still to this day it feels like it was all a weird dream’
Five years since WannaCry exploded onto the scene, ransomware still tops global threat lists ANALYSIS Five years ago today (May 12), a ransomware attack blamed on a North Korean hacking group hit comp [...]
Researcher stops REvil ransomware in its tracks with DLL-hijacking exploit
Conti, Lockbit, and other prolific ransomware strains apparently have similar vulnerabilities [...]
Box, Zoom, Google Docs offer phishing boost with ‘vanity URL’ flaws
Attack technique bypasses email filters and burnishes credibility of phishing links [...]
CyberUK 2022: Global power conflicts creating ‘balkinization’ of cybersecurity tech
Technology interoperability at risk from wider conflict between China and the West [...]
RuTube hack: Russian video platform denies loss of source code following cyber-attack
The ‘Russian alternative to YouTube’ has been offline since Monday [...]
NIST refreshes software supply chain risk management guidance
‘A comprehensive tool that can take you from crawl to walk to run’ [...]
UK government blocked four times as many cyber-scams in 2021 than previous year, CyberUK delegates told
War in Ukraine and ransomware trends top the agenda at this year’s NCSC conference [...]
Russia behind cyber-attack on satellite internet network KA-SAT that disrupted Ukrainian infrastructure – EU
Suspected DDoS attack took place one hour before Russia invaded Ukraine [...]
EU targets standardization as key to bloc-wide cyber-resilience
Threat landscape’s increasing complexity adds impetus to drive for consistency across 27 member states [...]
Quantum leap: Biden administration commits to ensuring US leadership in emerging tech
Government sets out plan for post-quantum encryption [...]
BIG-IP: Proof-of-concept released for RCE vulnerability in F5 network management tool
Users should patch immediately [...]
WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued
Attackers pounce before site owners can activate the installation wizard [...]
UK government calls for tougher protections against malicious mobile apps
NCSC proposes new code of conduct for app stores [...]
Heroku resets user passwords after concluding April cyber-attack ran deep
Hack investigation blames compromised token for breach [...]
India to introduce six-hour data breach notification rule
Reporting window is 66 hours shorter than that stipulated under the EU’s GDPR [...]
Serious Snipe-IT bug exploitable to send password reset email traps
Attackers could use the flaw to steal credentials with no authentication required [...]
Zero-day bug in uClibc library could leave IoT devices vulnerable to DNS poisoning attacks
Unpatched flaw caused by the predictability of transaction IDs [...]
State Bar of Georgia reels from cyber-attack
Bar suspends website after mystery assault [...]
TLStorm 2.0: Millions of Aruba and Avaya network switches affected by RCE flaws
Patches issued for vulnerabilities arising from misuse of NanoSSL TLS library [...]
Path traversal flaw found in OWASP enterprise library of security controls
Difficult-to-exploit ESAPI vulnerability offers best practice lessons [...]
Path traversal flaw found in OWASP enterprise security testing library
Difficult-to-exploit ESAPI vulnerability offers best practice lessons [...]
Data breach at US energy supplier Riviera Utilities exposes customer information
Unknown actor accessed employee emails [...]
Poisoned packages: NPM developer reputations could be leveraged to legitimize malicious software
Faulty invitation mechanism enabled ‘package planting’ attacks [...]
« newer articles | page 15 | older articles »