About

Archive - April 2022

Bug Bounty Radar // The latest bug bounty programs for May 2022 29 April 2022 at 15:19 UTC Data breach at US healthcare provider ARcare impacts 345,000 individuals 29 April 2022 at 12:45 UTC GitHub offers post-mortem on recent security breach 29 April 2022 at 10:44 UTC Microsoft report unmasks at least six Russian nation-state actors responsible for cyber-attacks against Ukraine 28 April 2022 at 15:31 UTC Socket: New tool takes a proactive approach to prevent OSS supply chain attacks 28 April 2022 at 14:15 UTC VirusTotal debunks claims of a serious vulnerability in Google-owned antivirus service 27 April 2022 at 15:47 UTC Student grades stored in Greek education platform UniverSIS could be manipulated via SQLi 27 April 2022 at 11:30 UTC Disavowed: Chrome plans to deprecate ‘document.domain’ lays the groundwork for shift in browser security 26 April 2022 at 17:30 UTC Bug bounty platform Intigriti offers new hourly payment option for vulnerability researchers 26 April 2022 at 15:44 UTC IBM database updates address critical vulnerabilities in third-party XML parser 25 April 2022 at 15:39 UTC OT security coalition aims to bolster industrial cybersecurity 25 April 2022 at 13:21 UTC Pwn2Own Miami: Hackers earn $400,000 by cracking ICS platforms 22 April 2022 at 15:06 UTC Hot patch for Log4Shell vulnerability in AWS allowed full host takeover 22 April 2022 at 13:38 UTC Hack Me, I’m Famous: Bug bounty hackathon nets security researcher €10,000 overnight 21 April 2022 at 14:30 UTC NIST revamps aging enterprise patch management guidance 21 April 2022 at 11:30 UTC Java encryption implementation error made it trivial to forge credentials 20 April 2022 at 19:00 UTC UK government employees receive ‘billions’ of malicious emails per year – report 20 April 2022 at 13:31 UTC Pegasus mobile spyware used zero-click exploits to snoop on Catalan politicians 19 April 2022 at 18:29 UTC Utah Consumer Privacy Act: New legislation adds another wrinkle to the US legal landscape 19 April 2022 at 13:20 UTC XSS vulnerability in open source tool PrivateBin patched 18 April 2022 at 11:30 UTC Tearing down red flags: Women in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros 15 April 2022 at 13:50 UTC Critical infrastructure entities on red alert over ‘exceptionally rare and dangerous’ ICS malware 14 April 2022 at 15:01 UTC Credit card industry standard revised to repel card-skimmer attacks 14 April 2022 at 14:10 UTC Git security vulnerabilities prompt updates 13 April 2022 at 14:32 UTC African banking sector targeted by malware-based phishing campaign 13 April 2022 at 12:27 UTC Internal AWS credentials swiped by researcher via SQL payload 12 April 2022 at 15:47 UTC OpenSSH 9.0 bakes in post-quantum cryptography to future proof against attacks 12 April 2022 at 14:32 UTC TruffleHog v3: API key leak detection tool adds support for more than 600 types 12 April 2022 at 09:59 UTC Access control vulnerability in Easy!Appointments platform exposed sensitive personal data 11 April 2022 at 15:57 UTC Attackers are abusing Spring4Shell vulnerability to spread Mirai botnet malware 11 April 2022 at 15:11 UTC PacketStreamer: New tool can aid research by revealing potential hacking behaviors 11 April 2022 at 10:52 UTC Third member of FIN7 cybercrime gang jailed over card skimming scheme 08 April 2022 at 14:20 UTC Command injection bug patched in Ruby library for converting AsciiDoc files 08 April 2022 at 11:13 UTC VMware patches critical flaws in Workspace ONE Access identity management software 07 April 2022 at 15:29 UTC Wake-up call: Is the infosec skills gap causing a mental health crisis? 07 April 2022 at 13:55 UTC Apple paid out $36,000 bug bounty for HTTP request smuggling flaws on core web apps – research 07 April 2022 at 12:54 UTC Authorities seize Hydra servers in bust against darknet cybercrime marketplace 06 April 2022 at 14:44 UTC UK retailer The Works blames store closures on POS problems following cyber-attack 06 April 2022 at 12:18 UTC Spring4Shell: Microsoft, CISA warn of limited, in-the-wild exploitation 06 April 2022 at 09:57 UTC US government launches Bureau of Cyberspace and Digital Policy to enhance cybersecurity across nation 05 April 2022 at 15:30 UTC Trend Micro warns of active attacks against Apex Central console 05 April 2022 at 14:32 UTC Singaporean cybersecurity agency launches certification scheme for businesses 05 April 2022 at 11:17 UTC Supply chain flaws in PHP package manager PEAR lay undiscovered for 15 years 04 April 2022 at 15:30 UTC Trezor cryptocurrency wallets targeted with phishing attacks following Mailchimp compromise 04 April 2022 at 14:15 UTC Cisco software update blocks exploit chain in network management software 04 April 2022 at 13:39 UTC Bug Bounty Radar // The latest bug bounty programs for April 2022 01 April 2022 at 14:44 UTC GitLab addresses critical account hijack bug 01 April 2022 at 13:36 UTC PHP bug allows attackers to bypass domain filters, stage DoS attacks against servers 01 April 2022 at 11:40 UTC Latest web hacking tools – Q2 2022 01 April 2022 at 09:37 UTC