About

Latest cybersecurity news from Europe


Researchers net $46k for Akamai misconfiguration vulnerability

04 October 2022Researchers net $46k for Akamai misconfiguration vulnerabilityA lesson in how to achieve maximum value for your discoveries

Kubernetes cluster threat

Rancher remediates risk created by secrets stored in plaintext28 September 2022Kubernetes cluster threatRancher remediates risk created by secrets stored in plaintext

NETGEAR resolves router bugs in bundled gaming component

16 September 2022NETGEAR resolves router bugs in bundled gaming componentSilicon Valley vendor tackles command injection and MitM-to-RCE issues

Open source CMS TYPO3 tackles XSS vulnerability

15 September 2022Open source CMS TYPO3 tackles XSS vulnerabilityBug spawned by parsing problem in upstream package

WordPress plugin security

WPHash harvests 75 million hashes for detecting vulnerable plugins12 September 2022WordPress plugin securityWPHash harvests 75 million hashes for detecting vulnerable plugins

Bug Bounty Radar

The latest bug bounty programs for September 202202 September 2022Bug Bounty RadarThe latest bug bounty programs for September 2022

Open source security

Three-day hackathon uncovers hundreds of bugs in Yahoo search engine tool Vespa31 August 2022Open source securityThree-day hackathon uncovers hundreds of bugs in Yahoo search engine tool Vespa

Bone of contention

Security researchers blast ‘ridiculous’ CrowdStrike bug disclosure practices23 August 2022Bone of contentionSecurity researchers blast ‘ridiculous’ CrowdStrike bug disclosure practices

Election stress test

Swiss Post relaunches e-voting bug bounty program17 August 2022Election stress testSwiss Post relaunches e-voting bug bounty program

Legitimate hacking activities under UK law proposed by ‘expert consensus’

16 August 2022Legitimate hacking activities under UK law proposed by ‘expert consensus’Contentious edge case activities are no excuse for further delaying of ‘much overdue’ reform, say campaigners

Browsers non-grata

German proposals will oblige government employees to use modern, secure web browsers15 August 2022Browsers non-grataGerman proposals will oblige government employees to use modern, secure web browsers

Bug bounty launch

Swiss government announces upcoming security reward program03 August 2022Bug bounty launchSwiss government announces upcoming security reward program

‘You get respect for owning what happened’

SolarWinds’ CISO on the legacy and lessons of Sunburst01 August 2022‘You get respect for owning what happened’SolarWinds’ CISO on the legacy and lessons of Sunburst

Bug Bounty Radar

The latest bug bounty programs for August 202229 July 2022Bug Bounty RadarThe latest bug bounty programs for August 2022

Preemptive patches

Open-Xchange issues fixes for RCE, SSRF bugs in OX App Suite27 July 2022Preemptive patchesOpen-Xchange issues fixes for RCE, SSRF bugs in OX App Suite

Cloud fax

Company claims healthcare pros are ditching email for ‘more secure’ fax26 July 2022Cloud faxCompany claims healthcare pros are ditching email for ‘more secure’ fax

Breaking the chain

Zyxel firewall vulnerabilities left business networks open to abuse22 July 2022Breaking the chainZyxel firewall vulnerabilities left business networks open to abuse

Hack of the net

Fantasy Premier League football app introduces 2FA to tackle account takeover hacks15 July 2022Hack of the netFantasy Premier League football app introduces 2FA to tackle account takeover hacks

‘Untenable risk to Firefox users’

Crunch time for EU web authentication plan as Mozilla launches campaign to protect status quo15 July 2022‘Untenable risk to Firefox users’Crunch time for EU web authentication plan as Mozilla launches campaign to protect status quo

Cost of cybercrime

UK NCSC and ICO urge legal sector to discourage businesses from paying ransomware demands12 July 2022Cost of cybercrimeUK NCSC and ICO urge legal sector to discourage businesses from paying ransomware demands

Killing CAPTCHA

Cloudflare CTO John Graham-Cumming envisages a frictionless future for website Turing tests04 July 2022Killing CAPTCHACloudflare CTO John Graham-Cumming envisages a frictionless future for website Turing tests

War games

Europe completes large-scale cyber crisis simulation01 July 2022War gamesEurope completes large-scale cyber crisis simulation

Latest web hacking tools – Q3 2022

01 July 2022Latest web hacking tools – Q3 2022We take a look at the latest additions to security researchers’ armory

Bug Bounty Radar

The latest bug bounty programs for July 202230 June 2022Bug Bounty RadarThe latest bug bounty programs for July 2022

UnRAR vulnerability

Path traversal flaw can lead to RCE in Zimbra29 June 2022UnRAR vulnerabilityPath traversal flaw can lead to RCE in Zimbra

YARAify

Tool scans suspicious files against a large repository of YARA rules29 June 2022YARAifyTool scans suspicious files against a large repository of YARA rules

Not-so-ready meals

Food distributor Apetito restores limited deliveries following cyber-attack28 June 2022Not-so-ready mealsFood distributor Apetito restores limited deliveries following cyber-attack

RaaS explosion

Rise in off-the-shelf cybercrime kits continues28 June 2022RaaS explosionRise in off-the-shelf cybercrime kits continues

UK Computer Misuse Act

Statutory defense for ethical hacking tabled23 June 2022UK Computer Misuse ActStatutory defense for ethical hacking tabled

Critical Citrix ADM vulnerability creates means to reset admin passwords

20 June 2022Critical Citrix ADM vulnerability creates means to reset admin passwordsImproper access control flaw poses DoS-to-RCE hijack risk

Poisoned cache

Zimbra patches memcached injection flaw that imperils user credentials16 June 2022Poisoned cacheZimbra patches memcached injection flaw that imperils user credentials

GhostTouch

New research shows how electromagnetic interference can be used to trigger arbitrary behavior on mobile touchscreens14 June 2022GhostTouchNew research shows how electromagnetic interference can be used to trigger arbitrary behavior on mobile touchscreens

Hiding in the shadows

Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns13 June 2022Hiding in the shadowsCybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns

Bug bounty

French government launches private program for identity authentication app13 June 2022Bug bountyFrench government launches private program for identity authentication app

Turkish flight operator Pegasus Airlines suffers data breach

09 June 2022Turkish flight operator Pegasus Airlines suffers data breachData protection regulator confirms sensitive information was leaked

‘Flexibility, creativity, remote working’

Vast majority of ethical hackers keen to spend more time bug bounty hunting07 June 2022‘Flexibility, creativity, remote working’Vast majority of ethical hackers keen to spend more time bug bounty hunting

Tipping the scales

Unpatched bugs pose takeover threat to weight monitoring app06 June 2022Tipping the scalesUnpatched bugs pose takeover threat to weight monitoring app

‘Russia is failing’

Mikko Hyppönen shares insight into the mission to destabilize Ukraine’s networks after a series of thwarted cyber-attacks02 June 2022‘Russia is failing’Mikko Hyppönen shares insight into the mission to destabilize Ukraine’s networks after a series of thwarted cyber-attacks

Hacking tools export ban

US tweaks rule to alleviate infosec industry misgivings01 June 2022Hacking tools export banUS tweaks rule to alleviate infosec industry misgivings