About

Archive - December 2021

Security done right: Celebrating infosec wins in 2021 31 December 2021 at 16:30 UTC The Matrix Resurrections review: Latest film instalment offers nostalgia but no denouement 31 December 2021 at 15:23 UTC Bug Bounty Radar // The latest bug bounty programs for January 2022 31 December 2021 at 14:38 UTC HCL Technologies patches serious vulnerabilities in HCL DX 30 December 2021 at 16:45 UTC Swig Security Review 2021 – Part II 30 December 2021 at 15:32 UTC Swig Security Review 2021 – Part I 29 December 2021 at 16:11 UTC LastPass quells cyber-attack fears, blames email notification surge on ‘glitch’ 29 December 2021 at 14:44 UTC Indian authorities set to tighten data breach laws in 2022 29 December 2021 at 11:50 UTC #12DaysofSwigmas – Happy Holidays from The Daily Swig 24 December 2021 at 15:02 UTC Raimund Genes Cup: Trio of near misses ends as PwnThyBytes finally claims CTF title 24 December 2021 at 12:16 UTC Wireless coexistence – New attack technique exploits Bluetooth, WiFi performance features for ‘inter-chip privilege escalation’ 23 December 2021 at 15:28 UTC US clothing supplier Pro Wrestling Tees hit by data breach 23 December 2021 at 14:22 UTC Bug bounty platforms handling thousands of Log4j vulnerability reports 22 December 2021 at 16:35 UTC Anti-cheating browser extension fails web security examination 22 December 2021 at 15:24 UTC Multiple vulnerabilities in Microsoft Teams could spoof URLs, leak IP addresses 22 December 2021 at 13:21 UTC Survey scams rekindled using advertising industry tricks to deliver tailor-made assaults 21 December 2021 at 16:22 UTC Safe browsing: Google fixes Chrome Site Isolation bypass bug 21 December 2021 at 15:20 UTC Ubisoft confirms Just Dance video game data breach 21 December 2021 at 13:56 UTC Security researcher earns plaudits after discovering Yandex SSRF flaw 20 December 2021 at 15:39 UTC Healthcare provider Texas ENT alerts 535,000 patients to data breach 20 December 2021 at 14:44 UTC Teen hacker scoops $4,500 bug bounty for Facebook flaw that allowed attackers to unmask page admins 20 December 2021 at 12:10 UTC Ukraine hosts large-scale simulation of cyber-attack against energy grid 17 December 2021 at 15:57 UTC Respect in Security: Anti-harassment infosec industry group gains momentum with code of conduct campaign 17 December 2021 at 13:36 UTC Desjardins data breach: Class action lawsuit agreement reaches $201 million 17 December 2021 at 12:24 UTC SAP squashes SQL injection, XSS bugs in December patch round 16 December 2021 at 16:02 UTC UK government reveals plans to become ‘global cyber power’ in 2022 16 December 2021 at 14:15 UTC How expired web domains help criminal hackers unlock enterprise defenses 16 December 2021 at 12:59 UTC Propane distributor Superior Plus admits ransomware breach 15 December 2021 at 17:14 UTC Log4j: Security pros call for urgent patch implementation as in-the-wild exploitation continues 15 December 2021 at 16:20 UTC US government launches ‘Hack the DHS’ bug bounty program 15 December 2021 at 15:39 UTC PyPI admins remove three malicious packages after more than 10,000 downloads 14 December 2021 at 16:09 UTC Severe Chrome bug allowed RCE on devices running remote headless interface 14 December 2021 at 13:45 UTC Cybercrime forums developing court-like system for dispute resolution 14 December 2021 at 11:53 UTC Intel adds payout bonuses as it migrates bug bounty program to Intigriti 13 December 2021 at 16:28 UTC Zero-day vulnerability in Hillrom cardiology devices could allow attackers full control 13 December 2021 at 14:03 UTC Russian man sentenced to prison for ‘crypting’ service that concealed malware from antivirus programs 10 December 2021 at 15:59 UTC ‘Log4Shell’ vulnerability poses critical threat to applications using ‘ubiquitous’ Java logging package Apache Log4j 10 December 2021 at 14:56 UTC Human error bugs increasingly making a splash in hacker-powered pen tests – report 10 December 2021 at 12:12 UTC OWASP ModSecurity Core Rule Set sandbox launched to help security researchers test new CVEs 09 December 2021 at 15:55 UTC US food importer Atalanta admits ransomware attack 09 December 2021 at 14:48 UTC Grafana urges web devs to update following path traversal bug disclosure 09 December 2021 at 13:43 UTC GOautodial vulnerabilities put call center network security on the line 08 December 2021 at 19:59 UTC US Department of Homeland Security heeds calls for tougher transport cybersecurity rules 08 December 2021 at 16:23 UTC Flaws in Tonga’s top-level domain left Google, Amazon, Tether web services vulnerable to takeover 07 December 2021 at 16:43 UTC Drive-by RCE in Windows 10 ‘can be executed with a single click’ 07 December 2021 at 16:00 UTC Critical web security flaws in Kaseya Unitrends backup appliances remediated after researchers’ disclosure 07 December 2021 at 15:22 UTC SSRF vulnerability patched in Jamf Pro mobile security platform 07 December 2021 at 10:28 UTC Web security bugs discovered in CATIE assisted living framework 06 December 2021 at 17:00 UTC Critical vulnerabilities in open source forum software NodeBB could lead to RCE 06 December 2021 at 15:10 UTC Crypto-exchange BitMart reports $150 million theft following hack 06 December 2021 at 12:43 UTC Pip-audit: Google-backed tool probes Python environments for vulnerable packages 03 December 2021 at 15:36 UTC US identity thieves jailed over $130,000 scam that targeted the elderly 03 December 2021 at 14:15 UTC FTC implements tougher data protection rules to safeguard customer information 03 December 2021 at 12:47 UTC Ransomware groups increasingly using data leak threats to pile pressure on victims 02 December 2021 at 16:58 UTC Insider threat: Tech firm was hacked and extorted by its own employee, says FBI 02 December 2021 at 14:15 UTC Data breach at Florida school district impacts 50,000 students and employees 02 December 2021 at 12:50 UTC ‘Over-permissive’ authentication checks left 190 Australian organizations vulnerable to business email compromise attacks 01 December 2021 at 15:32 UTC Sixth member of notorious SIM-swapping cybercrime gang sentenced 01 December 2021 at 13:29 UTC Web cache poisoning bug discovered in Symfony PHP framework 01 December 2021 at 10:38 UTC