Archive - April 2020

Salt DevOps framework shaken by data center server security flaws 30 April 2020 at 15:08 UTC Bug Bounty Radar // The latest bug bounty programs for April 2020 30 April 2020 at 13:30 UTC Introducing PwnDrop: A self-deployable file hosting service for red teamers 30 April 2020 at 11:17 UTC Banner Health settlement approval brings years-long data breach saga to a close 29 April 2020 at 16:30 UTC Split opens up in Europe on privacy control for Covid-19 contact-tracing apps 29 April 2020 at 14:45 UTC Magento security: Adobe patches six critical flaws in e-commerce platform 29 April 2020 at 12:30 UTC Severe Netsweeper zero-day leaves gaping hole in users’ networks 29 April 2020 at 11:04 UTC Malicious advertising slingers up the ante during Covid-19 pandemic 28 April 2020 at 15:48 UTC Chrome Galvanizer released on GitHub to boost Chrome extension security 28 April 2020 at 13:58 UTC Cybersecurity professionals being sidetracked by coronavirus home-working drive 28 April 2020 at 12:26 UTC Swiss CERT warns of spear-phishing campaign targeting webmasters 28 April 2020 at 11:16 UTC Sophos XG Firewall zero-day vulnerability gets patched 27 April 2020 at 15:53 UTC Microsoft Teams accounts could be hijacked via malicious GIFs 27 April 2020 at 14:14 UTC ParamSpider: New tool helps in the discovery of URL parameter vulnerabilities 27 April 2020 at 11:19 UTC Firefox bug bounty: Mozilla raises payouts and abandons ‘first reporter wins’ policy 24 April 2020 at 14:12 UTC Network security: NSA offers advice on tackling web shell malware 24 April 2020 at 11:43 UTC How to become a CISO – Your guide to climbing to the top of the enterprise security ladder 24 April 2020 at 10:40 UTC CS:GO, Team Fortress 2 source code leak no cause for alarm – Valve 23 April 2020 at 15:18 UTC Secure communication: Indian government seeks home-grown Zoom alternative 23 April 2020 at 14:01 UTC Covid-19 cyber-espionage: Vietnam blamed for attacks on Chinese government 23 April 2020 at 13:12 UTC Cynet throws down gauntlet with launch of cyber-attack incident response challenge 22 April 2020 at 15:41 UTC Cloud security: Azure environments at risk from on-prem privilege escalation attack 22 April 2020 at 13:01 UTC IBM DRM vulnerabilities: ‘Process error’ resulted in miscommunication with security researcher 22 April 2020 at 09:59 UTC Scientists lobby government to build privacy into coronavirus contact-tracing apps 21 April 2020 at 15:01 UTC Google to subsidize bug bounty hunters during pandemic 21 April 2020 at 13:27 UTC Pastebin hints at new research subscription model after axing scraping API 21 April 2020 at 10:46 UTC Google unveils raft of security improvements for Chrome 83 20 April 2020 at 15:26 UTC Dropwizard RCE flaw now fully patched following partial fix 20 April 2020 at 12:34 UTC Tor Project lays off a third of staff due to coronavirus pressures 20 April 2020 at 11:21 UTC Coronavirus contact-tracing apps are worse than useless – Schneier 17 April 2020 at 16:06 UTC Ingram data breach: Digital content platform hack resulted in theft of publishers’ titles 17 April 2020 at 12:53 UTC Coronavirus: UK contact-tracing app raises privacy concerns 17 April 2020 at 11:28 UTC Dozens of malware-ridden mobile apps target Syrians with coronavirus lures 16 April 2020 at 15:46 UTC Magecart gang bypasses iframe protection on hosted payment site 16 April 2020 at 14:20 UTC Git security: Newline injection bug tricked version control system into leaking usernames and password 15 April 2020 at 14:56 UTC Exclusive: Meet the cybersecurity volunteers helping to protect the healthcare industry during the coronavirus outbreak 15 April 2020 at 13:46 UTC Expanding phishing kit market drives global cybercrime surge 15 April 2020 at 12:41 UTC San Francisco Airport data breach: Double website hack may have lifted users’ Windows login credentials 14 April 2020 at 16:36 UTC Dutch police shut down 15 DDoS-for-hire platforms 14 April 2020 at 14:47 UTC Interview: Metasploit founder HD Moore on bug bounties, computer security laws, and coronavirus 14 April 2020 at 13:00 UTC Ethereum 2.0 bug bounty program gathers pace ahead of major blockchain platform update 14 April 2020 at 11:42 UTC Cloud security: Microsoft launches ATT&CK-inspired matrix for Kubernetes 13 April 2020 at 13:52 UTC Brim network forensics tool makes juggling large traffic logs easy 10 April 2020 at 12:00 UTC Healthcare security: LA respiratory hospital hit by supplier data breach 09 April 2020 at 15:39 UTC Virtual cybersecurity conferences: An expanding list 09 April 2020 at 13:06 UTC Open source assessment platform riddled with XSS flaws 09 April 2020 at 11:00 UTC Micronaut CRLF injection bug opened the door to server-side request forgery 08 April 2020 at 15:23 UTC When corporate communications smell phishy: Why customers don’t trust your emails 08 April 2020 at 12:38 UTC Open TURN proxy granted unauthorized access to Slack’s infrastructure 08 April 2020 at 10:42 UTC Canadian Shield offers DNS-based protection against malware and phishing attacks 07 April 2020 at 14:10 UTC InQL will help developers discover GraphQL vulnerabilities 07 April 2020 at 12:28 UTC Charities, IT service workers most easily hoodwinked by phishing attacks – study 07 April 2020 at 09:54 UTC Latest web hacking tools – Q1 2020 06 April 2020 at 15:01 UTC Google rolls back Chrome SameSite cookie changes due to coronavirus concerns 06 April 2020 at 13:18 UTC APCERT holds cyber drill to stress-test response capabilities of 32 CSIRTs 06 April 2020 at 10:44 UTC Remote working security: Thousands of misconfigured Atlassian instances ripe for unauthorized access 03 April 2020 at 15:34 UTC Safari vulnerabilities created means for attackers to covertly access iPhone cameras 03 April 2020 at 13:57 UTC Cryptojacking campaign infects up to 3,000 Windows machines a day 03 April 2020 at 11:21 UTC Zoom security: Devs announce feature freeze and enhanced bug bounty program 02 April 2020 at 14:53 UTC INPS hack: Italy’s social security website back online following cyber-attack claims 02 April 2020 at 12:55 UTC Twisted programming framework stung by brace of request smuggling vulnerabilities 02 April 2020 at 11:02 UTC Zoom simplifies privacy policy in a bid to head off security concerns 01 April 2020 at 13:11 UTC XSS vulnerability found in Mozilla’s XSS-prevention library 01 April 2020 at 11:34 UTC