Belgium launches nationwide safe harbor for ethical hackers
Adam Bannister 15 February 2023 at 16:49 UTC Updated: 15 February 2023 at 17:05 UTC New legal protections for security...
Read more →Category: PortSwigger
Remote code execution flaw patched in Apache Kafka
Possible RCE and denial-of-service issue discovered in Kafka Connect Apache has resolved a vulnerability potentially exploitable to launch remote code...
Read more →
Password manager security: Which is the right option for me?
The first guide of our two-part series helps consumers choose the best way to manage their login credentials While we...
Read more →
Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack
Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news KeePass has become the latest password manager...
Read more →
OAuth ‘masterclass’ crowned top web hacking technique of 2022
Adam Bannister 10 February 2023 at 14:56 UTC Updated: 10 February 2023 at 14:58 UTC Single sign-on and request smuggling...
Read more →
Radio silence from DMS vendor quartet over XSS zero-days
No response or patch yet forthcoming from providers of vulnerable document management systems Researchers have disclosed a raft of serious...
Read more →
New XSS Hunter host Truffle Security faces privacy backlash
Adam Bannister 09 February 2023 at 17:12 UTC Updated: 09 February 2023 at 17:44 UTC Anonymized numbers of bug discoveries...
Read more →
Second UK Computer Misuse Act consultation reflects ‘very little progress’
Campaigner bemoans glacial progress of review and urges government to set clear timetable A review of the UK’s creaking cybercrime...
Read more →
DOM XSS vulnerability in Gartner Peer Insights widget patched
Web attack vector closed after failed fix Gartner has patched a DOM XSS vulnerability found in the Peer Insights widget,...
Read more →
Toyota sealed up a backdoor to its global supplier management network
Adam Bannister 07 February 2023 at 17:34 UTC Updated: 07 February 2023 at 17:38 UTC Hacker praises carmaker’s prompt response...
Read more →
Google engineers plot to mitigate prototype pollution
John Leyden 06 February 2023 at 15:57 UTC Updated: 06 February 2023 at 16:01 UTC Plan to create boundary between...
Read more →
Serious security hole plugged in infosec tool binwalk
Adam Bannister 03 February 2023 at 16:36 UTC Updated: 03 February 2023 at 16:37 UTC Path traversals could ‘void reverse...
Read more →