India’s Personal Data Privacy Bill: What does it mean for individuals and businesses?
New legislation sets out to bring India in line with international best practice, but what will this look like in action? [...]
Showing only posts in The Daily Swig. Show all posts.
Google Groups unsubscribe feature abused to remove members without consent
‘This could have destroyed the Google Payment system flow,’ security researcher tells The Daily Swig [...]
AirTag clone bypassed Apple’s tracking-protection features, claims researcher
Third-party app allegedly outperforms Find My service by detecting the DIY device [...]
Zero-day RCE flaw among multiple bugs found in Extensis Portfolio – research
Extensis was described as ‘not receptive’ to disclosure and has allegedly not provided patches Researchers have disclosed critical vulnerabilities in Extensis Portfolio, including a zero-day flaw that [...]
Jaw-dropping Coinbase security bug allowed users to steal unlimited cryptocurrency
Researcher nets $250,000 for ‘potentially market-nuking’ vulnerability [...]
Introducing Ghostbuster – AWS security tool protects against dangling elastic IP takeovers
New defense against attacks that can cause more damage than other flavors of subdomain takeover [...]
Red Cross servers ‘were hacked via unpatched ManageEngine flaw’
Humanitarian organization failed to apply fix rolled out a couple of months earlier [...]
Critical vulnerabilities in Zabbix Web Frontend allow authentication bypass, code execution on servers
Patch now to protect, say researchers [...]
Lagging behind? New study highlights weaknesses in open source patch process
Patch delays create a ‘window of opportunity’ for observant attackers [...]
Microsoft bolsters Edge browser security with enhanced features
Latest protections unveiled [...]
Russian nation-state hackers targeting US contractors for sensitive defense information, FBI warns
Cybersecurity and military secrets among documents accessed [...]
Port of LA’s new Cyber Resilience Center aims to bolster physical and digital supply chain defenses
‘We must take every precaution against potential cyber incidents’, port director tells The Daily Swig [...]
MFA fatigue attacks: Users tricked into allowing device access due to overload of push notifications
Social engineering technique confuses victims to gain entry to their accounts [...]
Poisoned pipelines: Security researcher explores attack methods in CI environments
Attack vector abuses permissions to force CI pipelines to execute arbitrary commands [...]
Emergency Adobe Commerce, Magento patches follow ‘limited’ in-the-wild attacks on vulnerable deployments
Web admins urged to update now [...]
New tool can uncover redacted, pixelated text to reveal sensitive data
Developer warns that redaction method is insecure [...]
Grafana web security vulnerability opened a plethora of attack possibilities
Visualize this [...]
Internet Society data leak exposed 80,000 members’ login details
Champion of an open, secure internet blames breach on third-party oversight The Internet Society (ISOC), a non-profit dedicated to keeping the internet open and secure, has blamed the inadvertent expo [...]
Missouri prosecutor declines to file charges over ‘hacker’ allegation against reporter
Relief as controversial charges dropped tempered by fears about chilling effect [...]
New Zealand government mandates bug reporting process for federal agencies
Researchers can report vulnerabilities on a ‘no blame’ basis [...]
Google Project Zero hails dramatic acceleration in security bug remediation
Researchers credit greater transparency and responsible disclosure policies for improvements in the patching process [...]
Nintendo Switch hacker sent behind bars, owes video game giant further $4.5m
Underground business sold jailbreak devices for consoles including the Nintendo Switch, 3DS, and Microsoft’s Xbox [...]
Tool trio released to protect JavaScript applications from malicious NPM packages
Security tools inspired by recent case where a package maintainer went rogue [...]
Cryptocurrency firm MakerDAO offers record $10m in newly launched bug bounty program
Chance to become an instant multimillionaire via flaws in DAI smart contracts, websites, and apps [...]
Ransomware surge prompts joint NCSC, CISA warning to safeguard systems
Weekend attacks and assaults on the software supply chain mark evolving TTPs [...]
« newer articles | page 21 | older articles »