About

Archive - May 2022

Bug Bounty Radar // The latest bug bounty programs for June 2022 31 May 2022 at 16:50 UTC Connecticut becomes fifth US state to enact comprehensive consumer privacy law 31 May 2022 at 14:14 UTC Data breach at Australian pension provider Spirit Super impacts 50k victims following phishing attack 30 May 2022 at 16:22 UTC Dozens of high-traffic websites vulnerable to ‘account pre-hijacking’, study finds 30 May 2022 at 15:30 UTC NIS2: Experts share their views on the EU’s upcoming cybersecurity directive 30 May 2022 at 11:05 UTC Patch released for cross-domain cookie leakage flaw in Guzzle 27 May 2022 at 14:10 UTC Security ‘researcher’ hits back against claims of malicious CTX file uploads 27 May 2022 at 10:46 UTC LinkedIn bug bounty program goes public with rewards of up to $18k 26 May 2022 at 15:26 UTC Canadian healthcare provider issues data breach warning after server hack 26 May 2022 at 14:11 UTC Volatile market for stolen credit card data shaken up by sanctions against Russia 25 May 2022 at 14:38 UTC Tails users warned not to launch bundled Tor Browser until security fix is released 25 May 2022 at 13:00 UTC Malicious Python library CTX removed from PyPI repo 25 May 2022 at 10:32 UTC DBIR 2022: Ransomware surge increases global data breach woes 24 May 2022 at 16:01 UTC Critical Argo CD vulnerability could allow attackers admin privileges 24 May 2022 at 13:59 UTC European Council extends sanction regime to deter future cyber-attacks 24 May 2022 at 12:35 UTC Pwn2Own Vancouver: 15th annual hacking event pays out $1.2m for high-impact security bugs 23 May 2022 at 16:30 UTC Chicago Public Schools data breach blamed on third-party ransomware attack 23 May 2022 at 15:20 UTC Yik Yak fixes information disclosure bug that leaked users’ GPS location 23 May 2022 at 14:10 UTC Blockchain bridge Wormhole pays record $10m bug bounty reward 23 May 2022 at 13:16 UTC WordPress theme Jupiter patches critical privilege escalation flaw 20 May 2022 at 14:56 UTC Widespread Swagger-UI library vulnerability leads to DOM XSS attacks 20 May 2022 at 13:29 UTC US revises policy regarding Computer Fraud and Abuse Act, will not prosecute good faith research 20 May 2022 at 11:21 UTC Active attacks against VMware flaws prompts emergency update directive 19 May 2022 at 15:14 UTC Encrypted email service CTemplar announces closure 19 May 2022 at 14:02 UTC Rogue cloud users could sabotage fellow off-prem tenants via critical Flux flaw 19 May 2022 at 12:54 UTC Popular websites leaking user email data to web tracking domains 18 May 2022 at 15:21 UTC DevSecOps and cybersecurity skills are top priorities for enterprise IT – report 18 May 2022 at 14:11 UTC Facebook account takeover: Researcher scoops $40k bug bounty for chained exploit 18 May 2022 at 11:11 UTC ‘Eternity malware’ offers Swiss Army knife of cybercrime tools 17 May 2022 at 15:26 UTC Medical doctor charged with creating the Thanos ransomware builder 17 May 2022 at 14:12 UTC Firefox debuts improved process isolation to reduce browser attack surface 17 May 2022 at 13:10 UTC UK government sits out bug bounty boom but welcomes vulnerability disclosure 16 May 2022 at 14:42 UTC SharePoint RCE bug resurfaces three months after being patched by Microsoft 16 May 2022 at 13:38 UTC Parker Hannifin reveals cyber-attack exposed sensitive data of 119,000 individuals 16 May 2022 at 10:48 UTC Black Hat Asia: ‘If democracy is to survive, technology will have to be tamed’ 13 May 2022 at 16:09 UTC Brace of Icinga web vulnerabilities ‘easily chained’ to hack IT monitoring software 13 May 2022 at 13:49 UTC Ukrainian hacker jailed for selling account credentials on the dark web 13 May 2022 at 12:27 UTC Marcus Hutchins on halting the WannaCry ransomware attack – ‘Still to this day it feels like it was all a weird dream’ 12 May 2022 at 14:52 UTC Researcher stops REvil ransomware in its tracks with DLL-hijacking exploit 12 May 2022 at 14:06 UTC Box, Zoom, Google Docs offer phishing boost with ‘vanity URL’ flaws 12 May 2022 at 12:42 UTC CyberUK 2022: Global power conflicts creating ‘balkinization’ of cybersecurity tech 11 May 2022 at 15:53 UTC RuTube hack: Russian video platform denies loss of source code following cyber-attack 11 May 2022 at 11:53 UTC NIST refreshes software supply chain risk management guidance 11 May 2022 at 10:56 UTC UK government blocked four times as many cyber-scams in 2021 than previous year, CyberUK delegates told 10 May 2022 at 15:19 UTC Russia behind cyber-attack on satellite internet network KA-SAT that disrupted Ukrainian infrastructure – EU 10 May 2022 at 12:52 UTC EU targets standardization as key to bloc-wide cyber-resilience 10 May 2022 at 10:52 UTC Quantum leap: Biden administration commits to ensuring US leadership in emerging tech 09 May 2022 at 13:58 UTC BIG-IP: Proof-of-concept released for RCE vulnerability in F5 network management tool 09 May 2022 at 12:50 UTC WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued 06 May 2022 at 13:36 UTC UK government calls for tougher protections against malicious mobile apps 06 May 2022 at 12:11 UTC Heroku resets user passwords after concluding April cyber-attack ran deep 05 May 2022 at 14:10 UTC India to introduce six-hour data breach notification rule 05 May 2022 at 11:55 UTC Serious Snipe-IT bug exploitable to send password reset email traps 05 May 2022 at 09:47 UTC Zero-day bug in uClibc library could leave IoT devices vulnerable to DNS poisoning attacks 04 May 2022 at 14:15 UTC State Bar of Georgia reels from cyber-attack 04 May 2022 at 13:01 UTC TLStorm 2.0: Millions of Aruba and Avaya network switches affected by RCE flaws 04 May 2022 at 11:23 UTC Path traversal flaw found in OWASP enterprise library of security controls 03 May 2022 at 15:02 UTC Data breach at US energy supplier Riviera Utilities exposes customer information 03 May 2022 at 12:45 UTC Poisoned packages: NPM developer reputations could be leveraged to legitimize malicious software 03 May 2022 at 10:45 UTC Security bug in VMWare Workspace ONE could allow access to internal, cloud networks 02 May 2022 at 12:31 UTC