About

Archive - February 2022

Bug Bounty Radar // The latest bug bounty programs for March 2022 28 February 2022 at 17:26 UTC Cyber-attack on Nvidia linked to Lapsus$ ransomware gang 28 February 2022 at 16:30 UTC Bridgestone Americas ‘disconnects’ manufacturing facilities following ‘security incident’ 28 February 2022 at 12:26 UTC Flurry Finance heist nets crypto thieves $295k 25 February 2022 at 15:20 UTC Data study reveals predictors of supply chain attacks in NPM repositories 25 February 2022 at 13:58 UTC DNA data of sexual assault victims exposed in breach at US laboratory 25 February 2022 at 12:00 UTC Data wiper deployed in cyber-attacks targeting Ukrainian systems 24 February 2022 at 15:25 UTC US fraudster jailed over $300k business email compromise scheme 24 February 2022 at 13:20 UTC Zero-day XSS vulnerability in Horde webmail client can be triggered by file preview function 24 February 2022 at 11:45 UTC EU countries offer cyber-defense assistance to Ukraine 23 February 2022 at 16:40 UTC India’s Personal Data Privacy Bill: What does it mean for individuals and businesses? 23 February 2022 at 13:44 UTC Google Groups unsubscribe feature abused to remove members without consent 23 February 2022 at 11:52 UTC AirTag clone bypassed Apple’s tracking-protection features, claims researcher 22 February 2022 at 15:42 UTC Zero-day RCE flaw among multiple bugs found in Extensis Portfolio – research 22 February 2022 at 14:27 UTC Jaw-dropping Coinbase security bug allowed users to steal unlimited cryptocurrency 22 February 2022 at 11:37 UTC Introducing Ghostbuster – AWS security tool protects against dangling elastic IP takeovers 21 February 2022 at 15:00 UTC Red Cross servers ‘were hacked via unpatched ManageEngine flaw’ 18 February 2022 at 17:32 UTC Critical vulnerabilities in Zabbix Web Frontend allow authentication bypass, code execution on servers 18 February 2022 at 14:41 UTC Lagging behind? New study highlights weaknesses in open source patch process 18 February 2022 at 12:02 UTC Microsoft bolsters Edge browser security with enhanced features 17 February 2022 at 15:50 UTC Russian nation-state hackers targeting US contractors for sensitive defense information, FBI warns 17 February 2022 at 13:48 UTC Port of LA’s new Cyber Resilience Center aims to bolster physical and digital supply chain defenses 17 February 2022 at 11:56 UTC MFA fatigue attacks: Users tricked into allowing device access due to overload of push notifications 16 February 2022 at 15:40 UTC Poisoned pipelines: Security researcher explores attack methods in CI environments 16 February 2022 at 14:32 UTC Emergency Adobe Commerce, Magento patches follow ‘limited’ in-the-wild attacks on vulnerable deployments 16 February 2022 at 12:24 UTC New tool can uncover redacted, pixelated text to reveal sensitive data 15 February 2022 at 15:40 UTC Grafana web security vulnerability opened a plethora of attack possibilities 15 February 2022 at 14:19 UTC Internet Society data leak exposed 80,000 members’ login details 15 February 2022 at 12:54 UTC Missouri prosecutor declines to file charges over ‘hacker’ allegation against reporter 14 February 2022 at 15:45 UTC New Zealand government mandates bug reporting process for federal agencies 14 February 2022 at 13:42 UTC Google Project Zero hails dramatic acceleration in security bug remediation 11 February 2022 at 19:49 UTC Nintendo Switch hacker sent behind bars, owes video game giant further $4.5m 11 February 2022 at 14:54 UTC Tool trio released to protect JavaScript applications from malicious NPM packages 11 February 2022 at 11:10 UTC Cryptocurrency firm MakerDAO offers record $10m in newly launched bug bounty program 10 February 2022 at 19:00 UTC Ransomware surge prompts joint NCSC, CISA warning to safeguard systems 10 February 2022 at 16:38 UTC Dependency confusion tops the PortSwigger annual web hacking list for 2021 10 February 2022 at 11:50 UTC Couple charged with laundering proceeds from $4.5bn Bitfinex cryptocurrency hack 09 February 2022 at 15:31 UTC Cyber-attack at Vodafone Portugal knocks mobile network services offline 09 February 2022 at 14:05 UTC FTC set to ramp up privacy and security rule-making activity in 2022 09 February 2022 at 11:58 UTC Zero-day vulnerabilities in Nooie baby monitors could allow video feed hijack 08 February 2022 at 15:50 UTC UK anti-encryption drive meets fierce resistance from privacy, security advocates 08 February 2022 at 14:27 UTC Equifax finalizes data breach settlement with US regulators 07 February 2022 at 16:32 UTC Email platform Zimbra issues hotfix for XSS vulnerability under active exploitation 07 February 2022 at 14:13 UTC Suspected data breach at Washington State Department of Licensing 07 February 2022 at 11:45 UTC Google Drive integration errors created SSRF flaws in multiple applications 04 February 2022 at 15:15 UTC Vulnerabilities in Cisco Small Business routers could allow unauthenticated attackers persistent access to internal networks 04 February 2022 at 13:35 UTC Open Source Security Foundation launches new initiative to stem the tide of software supply chain attacks 04 February 2022 at 11:40 UTC Bittersweet Symfony: Devs accidentally turn off CSRF protection in PHP framework 03 February 2022 at 16:52 UTC Cloudflare bug bounty program goes public with $3,000 rewards on offer 03 February 2022 at 15:56 UTC SnapFuzz: New fuzzing tool speeds up testing of network applications 03 February 2022 at 12:23 UTC Serious vulnerability in WordPress plugin Essential Addons for Elementor eliminated 02 February 2022 at 15:37 UTC Fastly patches memory leak HTTP/3 vulnerability in H2O HTTP server project 02 February 2022 at 14:03 UTC British Council data breach leaks 10,000 student records 02 February 2022 at 12:44 UTC Critical Samba flaw presents code execution threat 01 February 2022 at 16:20 UTC SureMDM bug chain enabled wholesale compromise of managed devices 01 February 2022 at 15:05 UTC Decryption key released for DeadBolt ransomware after QNAP NAS devices infected 01 February 2022 at 13:59 UTC