Archive - December 2022

Bug Bounty Radar // The latest bug bounty programs for January 2023
30 December 2022 at 13:40 UTC

Security done right – infosec wins of 2022
30 December 2022 at 11:24 UTC

Stupid security 2022 – this year’s infosec fails
29 December 2022 at 10:04 UTC

Finding the next Log4j – OpenSSF’s Brian Behlendorf on pivoting to a ‘risk-centred view’ of open source development
23 December 2022 at 12:17 UTC

Lean, green coding machine: How sustainable computing drive can reduce attack surfaces
22 December 2022 at 15:35 UTC

Zoom Whiteboard patches XSS bug
22 December 2022 at 12:00 UTC

Password theft bug chain patched in Passwordstate credential manager
21 December 2022 at 16:16 UTC

How to become a penetration tester: Part 2 – ‘Mr Hacking’ John Jackson on the virtue of ‘endless curiosity’
20 December 2022 at 16:52 UTC

Safeurl HTTP library brings SSRF protection to Go applications
19 December 2022 at 12:30 UTC

Deserialized web security roundup – Fortinet, Citrix bugs; another Uber breach; hacking NFTs at Black Hat
16 December 2022 at 17:43 UTC

Critical IP spoofing bug patched in Cacti
15 December 2022 at 14:24 UTC

Akamai WAF bypassed via Spring Boot to trigger RCE
14 December 2022 at 12:01 UTC

Cloud flaws brought to the fore as bug bounty vulnerabilities hit 65k in 2022 – HackerOne
13 December 2022 at 16:15 UTC

Black Hat Europe redux: The top web hacking talks for 2022
12 December 2022 at 17:23 UTC

Black Hat Europe 2022: Hacking tools showcased at annual security conference
12 December 2022 at 11:41 UTC

ChatGPT bid for bogus bug bounty is thwarted
09 December 2022 at 16:55 UTC

JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs
09 December 2022 at 13:17 UTC

NodeBB prototype pollution flaw could lead to account takeover
08 December 2022 at 13:57 UTC

Black Hat Europe 2022: A defendable internet is possible, but only with industry makeover
07 December 2022 at 15:19 UTC

Deserialized web security roundup: Algolia API key leak, GitHub CVE reporting, scoring CVSS scores
02 December 2022 at 17:19 UTC

Go SAML library vulnerable to authentication bypass
02 December 2022 at 11:06 UTC

Critical vulnerability allowed attackers to remotely unlock, control Hyundai, Genesis vehicles
01 December 2022 at 14:30 UTC

Bug Bounty Radar // The latest bug bounty programs for December 2022
01 December 2022 at 12:39 UTC