Archive - June 2022

Bug Bounty Radar // The latest bug bounty programs for July 2022 (30 June 2022 at 14:52 UTC)
OpenSea among six organizations affected by email address leak by rogue employee at third-party vendor (30 June 2022 at 13:10 UTC)
Chromium browsers vulnerable to dangling markup injection (30 June 2022 at 10:20 UTC)
UnRAR path traversal flaw can lead to RCE in Zimbra (29 June 2022 at 15:14 UTC)
YARAify: Defensive tool scans suspicious files against a large repository of YARA rules (29 June 2022 at 11:03 UTC)
Dozens of cryptography libraries vulnerable to private key theft (28 June 2022 at 15:38 UTC)
Ready meal distributor Apetito restores ‘limited’ deliveries in UK following cyber-attack (28 June 2022 at 14:30 UTC)
Ransomware market evolution results in fewer variants, but rise in off-the-shelf cybercrime kits continues (28 June 2022 at 12:26 UTC)
Researchers crack MEGA’s ‘privacy by design’ storage, encryption (27 June 2022 at 16:34 UTC)
Untrusted types: Researcher demos trick to beat Trusted Types protection in Google Chrome (27 June 2022 at 15:25 UTC)
Oracle patches ‘miracle exploit’ impacting Middleware Fusion, cloud services (27 June 2022 at 13:45 UTC)
BSides Cleveland organizer steps down after controversial guest added as ‘surprise’ speaker (24 June 2022 at 11:01 UTC)
Statutory defense for ethical hacking under UK Computer Misuse Act tabled (23 June 2022 at 14:06 UTC)
Splunk patches critical vulnerability while users push for legacy updates (23 June 2022 at 12:03 UTC)
One in every 13 incidents blamed on API insecurity – report (22 June 2022 at 16:41 UTC)
Severe Parse Server bug impacts Apple Game Center (22 June 2022 at 14:08 UTC)
Single largest disclosure for vulnerabilities in industrial control security reveals 56 flaws (21 June 2022 at 16:30 UTC)
Jacuzzi customer details could be exposed by SmartTub web bugs, claims researcher (21 June 2022 at 15:10 UTC)
Critical Citrix ADM vulnerability creates means to reset admin passwords (20 June 2022 at 15:44 UTC)
Internet scans find 1.6 million secrets leaked by websites (20 June 2022 at 14:11 UTC)
Attackers can use ‘Scroll to Text Fragment’ web browser feature to steal data – research (20 June 2022 at 13:07 UTC)
Russian botnet ‘RSOCKS’ dismantled after hacking millions of devices (17 June 2022 at 17:55 UTC)
Reddit patches CSRF vulnerability that forced users to view NSFW content (17 June 2022 at 15:26 UTC)
RubyGems trials 2FA-by-default in code repo’s latest security effort (17 June 2022 at 12:17 UTC)
Ransomware attack on Montrose Environmental Group disrupts lab testing services (16 June 2022 at 14:09 UTC)
Business email platform Zimbra patches memcached injection flaw that imperils user credentials (16 June 2022 at 11:04 UTC)
Dark web awash with breached credentials, study finds (15 June 2022 at 14:26 UTC)
Security researcher receives legal threat over patched Powertek data center vulnerabilities (15 June 2022 at 12:33 UTC)
Data breach at US ambulance billing service Comstar exposed patients’ healthcare information (15 June 2022 at 10:45 UTC)
HID Mercury access control vulnerabilities leave door open to lock manipulation (14 June 2022 at 15:54 UTC)
Oblivious DNS-over-HTTPS offers privacy enhancements to secure lookup protocol (14 June 2022 at 14:46 UTC)
GhostTouch: Hackers can reach your phone’s touchscreen without even touching it (14 June 2022 at 12:51 UTC)
Kaiser Permanente data breach exposed healthcare records of 70,000 patients (13 June 2022 at 15:50 UTC)
Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns (13 June 2022 at 14:44 UTC)
French government launches private bug bounty program for identity authentication app (13 June 2022 at 13:24 UTC)
US Justice Department offers blueprint for more ‘innovative, secure IT capabilities’ (10 June 2022 at 15:05 UTC)
Separate Fujitsu cloud storage vulnerabilities could enable attackers to destroy virtual backups (10 June 2022 at 12:34 UTC)
Chinese cyber threat actors are widely abusing well-known attacks to infiltrate networks, CISA warns (09 June 2022 at 15:18 UTC)
Researcher defends Formidable in fight against ‘critical’ CVE vulnerability assignment (09 June 2022 at 14:02 UTC)
Turkish flight operator Pegasus Airlines suffers data breach (09 June 2022 at 12:29 UTC)
WWDC 2022: Apple showcases next-gen security tech at annual developer event (08 June 2022 at 13:52 UTC)
Indian VPN providers resist incoming data-logging law (08 June 2022 at 10:28 UTC)
Google showers top cloud security researchers with kudos and cash (07 June 2022 at 15:48 UTC)
HTTP/3 evolves into RFC 9114 – a security advantage, but not without challenges (07 June 2022 at 13:38 UTC)
Vast majority of ethical hackers keen to spend more time bug bounty hunting – report (07 June 2022 at 10:25 UTC)
Unpatched bug chain poses ‘mass account takeover’ threat to Yunmai weight monitoring app (06 June 2022 at 14:20 UTC)
Incoming! Atlassian Confluence attacks prompt calls for rapid patching (06 June 2022 at 12:53 UTC)
Insight: Russia is ‘failing’ in its mission to destabilize Ukraine’s networks after a series of thwarted cyber-attacks (02 June 2022 at 10:38 UTC)
Researcher goes public with WordPress CSP bypass hack (01 June 2022 at 16:40 UTC)
US export ban on hacking tools tweaked after public consultation (01 June 2022 at 15:54 UTC)
Horde Webmail contains zero-day RCE bug with no patch on the horizon (01 June 2022 at 14:34 UTC)