Security bug in VMWare Workspace ONE could allow access to internal, cloud networks
Users should patch immediately [...]
Showing only posts in The Daily Swig. Show all posts.
Bug Bounty Radar // The latest bug bounty programs for May 2022
New web targets for the discerning hacker [...]
Data breach at US healthcare provider ARcare impacts 345,000 individuals
Sensitive medical and other personal data was potentially exposed [...]
GitHub offers post-mortem on recent security breach
Tokens stollen and abused but problem has been contained [...]
Microsoft report unmasks at least six Russian nation-state actors responsible for cyber-attacks against Ukraine
Kremlin-linked actors have launched multiple assaults since invasion began [...]
Socket: New tool takes a proactive approach to prevent OSS supply chain attacks
Signal detector aims to help developers to stay ahead of threats [...]
VirusTotal debunks claims of a serious vulnerability in Google-owned antivirus service
Third party file and theft [...]
Student grades stored in Greek education platform UniverSIS could be manipulated via SQLi
Maintainers promptly patch issue that could also leak sensitive personal data [...]
Disavowed: Chrome plans to deprecate ‘document.domain’ lays the groundwork for shift in browser security
Making document.domain immutable [...]
Bug bounty platform Intigriti offers new hourly payment option for vulnerability researchers
Pen testing-meets-bug bounty model announced today [...]
IBM database updates address critical vulnerabilities in third-party XML parser
Flaws in popular parser prompt updates from numerous downstream vendors [...]
OT security coalition aims to bolster industrial cybersecurity
Operational Technology Cybersecurity Coalition to tackle infrastructure security issues [...]
Pwn2Own Miami: Hackers earn $400,000 by cracking ICS platforms
Industrial control insecurity laid bare during competition [...]
Hot patch for Log4Shell vulnerability in AWS allowed full host takeover
Critical security issues found in quick fix [...]
Vulnerability in AWS Log4Shell hot patch allowed full host takeover
Critical security issues found in quick fix [...]
Hack Me, I’m Famous: Bug bounty hackathon nets security researcher €10,000 overnight
European event saw 40 researchers team up to find bugs [...]
NIST revamps aging enterprise patch management guidance
US agency highlights ‘divide’ between security teams and their colleagues about the value of patching [...]
Java encryption implementation error made it trivial to forge credentials
Bundled math in code issue created security trap [...]
UK government employees receive ‘billions’ of malicious emails per year – report
Phishing, malware, and spam are popular techniques deployed by attackers [...]
Pegasus mobile spyware used zero-click exploits to snoop on Catalan politicians
CatalanGate [...]
Utah Consumer Privacy Act: New legislation adds another wrinkle to the US legal landscape
Soon to be enacted law provides further governance for citizens’ data [...]
XSS vulnerability in open source tool PrivateBin patched
Flaw allowed malicious JavaScript to be embedded in an SVG file [...]
Tearing down red flags: Women in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros
Infosec leader on why training, mutual support, and career opportunities are needed to keep women in their roles [...]
Critical infrastructure entities on red alert over ‘exceptionally rare and dangerous’ ICS malware
Powerful, versatile, and easy to use hacking toolset likened to Stuxnet [...]
Credit card industry standard revised to repel card-skimmer attacks
PCI DSS v4.0 encourages better defenses against Magecart-style assaults [...]
« newer articles | page 16 | older articles »