About

Archive - February 2023

Bug Bounty Radar // The latest bug bounty programs for March 2023 28 February 2023 at 19:15 UTC Indian transport ministry flaws potentially allowed creation of counterfeit driving licenses 28 February 2023 at 14:15 UTC Password managers: A rough guide to enterprise secret platforms 27 February 2023 at 15:30 UTC Chromium bug allowed SameSite cookie bypass on Android devices 27 February 2023 at 11:50 UTC Deserialized web security roundup: Twitter 2FA backlash, GoDaddy suffers years-long attack campaign, and XSS Hunter adds e2e encryption 24 February 2023 at 13:09 UTC NIST plots biggest ever reform of Cybersecurity Framework 23 February 2023 at 15:55 UTC Cisco ClamAV anti-malware scanner vulnerable to serious security flaw 22 February 2023 at 14:23 UTC CVSS system criticized for failure to address real-world impact 21 February 2023 at 15:34 UTC ‘Most web API flaws are missed by standard security tests’ – Corey J Ball on securing a neglected attack vector 20 February 2023 at 13:58 UTC HTTP request smuggling bug patched in HAProxy 17 February 2023 at 16:05 UTC Belgium launches nationwide safe harbor for ethical hackers 15 February 2023 at 16:49 UTC Remote code execution flaw patched in Apache Kafka 15 February 2023 at 14:01 UTC Password manager security: Which is the right option for me? 14 February 2023 at 15:58 UTC Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack 10 February 2023 at 16:30 UTC OAuth ‘masterclass’ crowned top web hacking technique of 2022 10 February 2023 at 14:56 UTC Radio silence from DMS vendor quartet over XSS zero-days 10 February 2023 at 11:55 UTC New XSS Hunter host Truffle Security faces privacy backlash 09 February 2023 at 17:12 UTC Second UK Computer Misuse Act consultation reflects ‘very little progress’ 08 February 2023 at 17:02 UTC DOM XSS vulnerability in Gartner Peer Insights widget patched 08 February 2023 at 13:42 UTC Toyota sealed up a backdoor to its global supplier management network 07 February 2023 at 17:34 UTC Google engineers plot to mitigate prototype pollution 06 February 2023 at 15:57 UTC Serious security hole plugged in infosec tool binwalk 03 February 2023 at 16:36 UTC Truffle Security relaunches XSS Hunter tool with new features 02 February 2023 at 15:08 UTC Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’ 01 February 2023 at 12:18 UTC