Archive - December 2020

US court order brings down the shutters on tech support scam impacting the elderly 31 December 2020 at 16:54 UTC Swig Security Review 2020 – Part II 31 December 2020 at 15:02 UTC Fines against banks for data breaches and noncompliance more than doubled in 2020 31 December 2020 at 13:55 UTC Bug Bounty Radar // The latest bug bounty programs for December 2020 31 December 2020 at 00:00 UTC Swig Security Review 2020 – Part I 30 December 2020 at 15:02 UTC GenRx Pharmacy ransomware attack leads to HIPAA data breach disclosure 30 December 2020 at 12:33 UTC Latest web hacking tools – Q4 2020 29 December 2020 at 16:39 UTC Kawasaki Heavy Industries reports data breach as attackers found with year-long network access 29 December 2020 at 12:21 UTC Third edition of US Army bug bounty program prepared for deployment 28 December 2020 at 14:58 UTC NetGalley data breach: Publishing industry website forces password reset following ‘security incident’ 24 December 2020 at 16:53 UTC Cross-layer attacks: New hacking technique raises DNS cache poisoning, user tracking risk 24 December 2020 at 11:57 UTC Vulnerabilities in Treck TCP/IP stack open the door to DoS, remote code execution exploits 23 December 2020 at 15:57 UTC Nintendo 3DS digital certificate vulnerability earns researcher $12,000 bug bounty 23 December 2020 at 14:36 UTC ‘Air-Fi’ attack renders air-gapped computers open to data exfiltration through WiFi signals 23 December 2020 at 12:28 UTC Safe-Inet: VPN service for cybercriminals taken down in law enforcement bust 22 December 2020 at 18:27 UTC DuckDuckGo: ‘We deserve simple tools that empower privacy, without trade-offs’ 22 December 2020 at 15:12 UTC Database security: SAP HANA authentication flaw allowed attacker to pose as different user 22 December 2020 at 13:06 UTC FBI’s dark web investigations hampered by inefficiencies, overlapping objectives of different units 21 December 2020 at 16:52 UTC Bcrypt implementation flaw in Bouncy Castle crypto library laid bare 21 December 2020 at 15:58 UTC TinyCheck: Open source privacy project turns your Raspberry Pi into a stalkerware detection unit 21 December 2020 at 12:54 UTC Microsoft falls prey to SolarWinds supply chain cyber-attacks 18 December 2020 at 17:27 UTC Universities urged to review remote learning software in order to minimize security risks 18 December 2020 at 15:50 UTC Australia proposes Privacy Act 1988 reforms inspired by EU’s GDPR 18 December 2020 at 12:41 UTC Weak authentication created backdoor risk for D-Link routers 17 December 2020 at 17:00 UTC Trend Micro addresses remote takeover threat in InterScan Web Security Virtual Appliance 17 December 2020 at 14:05 UTC P2P mobile file transfer apps open to attacks, researchers find 17 December 2020 at 12:22 UTC F5 warns over ‘critical’ XSS flaw in BIG-IP 16 December 2020 at 16:14 UTC Swedish university fined $66,000 for GDPR violations 16 December 2020 at 14:01 UTC Zero-day XML mutation flaws in Go programming language can lead to authentication bypass 16 December 2020 at 11:49 UTC Data breach at Canadian financial services firm Desjardins highlights perils of insider threats 15 December 2020 at 15:43 UTC Healthcare security woes: More than 45 million medical images openly accessible online 15 December 2020 at 11:52 UTC Australian travel agency criticized over coding event that exposed sensitive user data to external software developers 14 December 2020 at 16:02 UTC Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack 14 December 2020 at 14:42 UTC Spotify security vulnerability exposed personal data to business partners 14 December 2020 at 12:12 UTC Data breach at US legal aid firm Brooklyn Defender Services exposed clients’ personal data 11 December 2020 at 16:00 UTC O365 Squatting: Open source tool finds malicious cloud-hosted domains before they’re used in phishing campaigns 11 December 2020 at 13:46 UTC Google makes it easier to qualify for higher payouts for Chrome browser engine bugs 11 December 2020 at 12:31 UTC XSS for PDFs – New injection technique offers rich pickings for security researchers 10 December 2020 at 15:44 UTC SnitchDNS framework offers automation and network monitoring features to pen testers 10 December 2020 at 14:31 UTC European Medicines Agency cyber-attack: Coronavirus vaccine documents ‘unlawfully accessed’, claim Pfizer and BioNTech 10 December 2020 at 12:26 UTC ‘Nation-state hack’ on cybersecurity firm FireEye rumored to be Russian cybercrime group APT29 09 December 2020 at 16:20 UTC Black Hat Europe: Diverse security teams are key to successful government cyber defense 09 December 2020 at 15:25 UTC GitHub offers tighter integration of security to development workflows 09 December 2020 at 14:32 UTC AttackForge pen test platform showcased at Black Hat Europe 09 December 2020 at 12:48 UTC Disputed bug in Microsoft Teams posed RCE risk, researcher warns 08 December 2020 at 17:40 UTC WordPress 5.6 lands with new auto-update UI, Site Health enhancements 08 December 2020 at 16:22 UTC Report: DevSecOps adoption gathers pace, but record on applying security updates is patchy 08 December 2020 at 15:25 UTC Hackers demand $34.7 million in Bitcoin after ransomware attack on Foxconn 08 December 2020 at 14:01 UTC EU:Africa hackathon seeks innovative solutions to ‘post-crisis’ Covid-19 challenges 07 December 2020 at 16:41 UTC Cross-platform browser data leak flaw could be applied to attack reconnaissance 07 December 2020 at 15:01 UTC Google invites security researchers to collaborate on new XS-Leaks wiki platform 07 December 2020 at 13:38 UTC More than half of GDPR fines issued by UK data privacy watchdog remain unpaid 04 December 2020 at 16:18 UTC Critical CSRF flaw in Glassdoor nets security researcher $3,000 bug bounty 04 December 2020 at 14:53 UTC Hey Alexa, what’s my PIN? Researchers show voice assistants can hear the taps made on a smartphone keyboard 03 December 2020 at 17:16 UTC Fake websites and false cures: Interpol warns of Covid-19 vaccine scams 03 December 2020 at 16:13 UTC Meet urlhunter, the URLTeam companion and shortened URL search engine 03 December 2020 at 13:21 UTC Crypto-mining malware fiends exploit insecure Docker installations with botnet 02 December 2020 at 16:50 UTC Zero-day vulnerabilities in healthcare records application OpenClinic could expose patients’ test results 02 December 2020 at 15:54 UTC Censys: How a university project became a major commercial security platform 02 December 2020 at 13:31 UTC Mind the gap: CERT report reveals security holes across Polish education sector 02 December 2020 at 12:23 UTC Researchers nab $4,000 bug bounty after discovering SSRF vulnerability in Snapchat’s ad platform 01 December 2020 at 17:18 UTC Royal Dutch Cycling Union refuses to pay ransom following data breach 01 December 2020 at 14:00 UTC US black hat jailed for swatting attacks, cyber-threats made against schools and airlines 01 December 2020 at 11:59 UTC