U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn
Meanwhile, Zerodium’s quest to buy VPN exploits is problematic, researchers said.
The launch of a standing offer to pay for Windows virtual private network (VPN) software zero-day exploits came to...
VPN Exposes Data for 1M Users, Leading to Researcher Questioning
Experts warn that virtual private networks are increasingly vulnerable to leaks and attack.
Free virtual private network (VPN) service Quickfox, which provides access to Chinese websites from outside the country,...
Time to Build Accountability Back into Cybersecurity
Chris Hass, director of information security and research at Automox, discusses how to assign security responsibility, punishment for poor cyber-hygiene and IDing ‘security champions’ to help small businesses.
In the...
Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak
Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees.
The St. Louis...
Missouri Vows to Prosecute ‘Hacker’ Who Disclosed Data Leak
Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees.
The St. Louis...
Rickroll Grad Prank Exposes Exterity IPTV Bug
IPTV and IP video security is increasingly under scrutiny, even by high school kids.
When Township High School District 214 in Illinois got rickrolled all at once across its six...
Mandating a Zero-Trust Approach for Software Supply Chains
Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.
In the wake of the SolarWinds...
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.
Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained...
Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug
The bug is under attack. Within hours of the patch release, a researcher published POC code, calling it a “great” flaw that can be used for jailbreaks and local...
Canopy Parental Control App Wide Open to Unpatched XSS Bugs
The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users.
Canopy, a parental control app that offers a range of features meant to protect kids...