Google Alert - site: portswigger.net/daily-swig/vulnerabilities


Pip-audit: Google-backed tool probes Python environments for vulnerable packages | The Daily Swig

UPDATED A tool has been launched with support from Google that scans Python environments for packages with known vulnerabilities. ‘Pip-audit’ … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/pip-audit-google-backed-tool-probes-python-environments-for-vulnerable-packages&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGr8VgkoFK5f6izJ92zu5U3PsOQ0A


FTC implements tougher data protection rules to safeguard customer information | The Daily Swig

New requirements for financial institutions include vulnerability assessments, employee training. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/ftc-implements-tougher-data-protection-rules-to-safeguard-customer-information&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFUoYTfYL90cI60zBI_oPkt9cHnIw


Insider threat: Tech firm was hacked and extorted by its own employee, says FBI – PortSwigger

The Daily Swig … planted damaging news stories falsely claiming the theft had been by a hacker enabled by a vulnerability in the company’s … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/insider-threat-tech-firm-was-hacked-and-extorted-by-its-own-employee-says-fbi&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGY40q9kC3ldnXp4OFOdmSMgNoJtw


Ransomware groups increasingly using data leak threats to pile pressure on victims | The Daily Swig

Data on 2,371 companies were released on ransomware data leak sites over … phishing and network vulnerabilities to infiltrate corporate networks … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/ransomware-groups-increasingly-using-data-leak-threats-to-pile-pressure-on-victims&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGFDs6NtgMExge_cnIOLGFGJ4i9Bg


Web cache poisoning bug discovered in Symfony PHP framework | The Daily Swig | PortSwigger

The mishandling of HTTP headers left websites built on top of the Symfony platform vulnerable to web cache poisoning attacks. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/web-cache-poisoning-bug-discovered-in-symfony-php-framework&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNEVWKZLJdAb-WhmYS0ZrD2P7ywXvw


‘Over-permissive’ authentication checks left 190 Australian organizations vulnerable to …

… a vulnerability discovered more than two years after its conception. … cloud security architect at Palo Alto Networks, told The Daily Swig. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/over-permissive-authentication-checks-left-190-australian-organizations-vulnerable-to-business-email-compromise-attacks&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFJ3qrYjvE9rUi1lJaIo9p6W0l24g


Panasonic admits data breach after attackers gain access to file server | The Daily Swig

The Japanese consumer electronics giant acknowledged the breach in a brief statement on Friday (November 26). Panasonic said that it detected the … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/panasonic-admits-data-breach-after-attackers-gain-access-to-file-server&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNE4NbvHtHicxezdJrMu0nL4A7YfgA


HP printer vulnerabilities left enterprise networks open to abuse via ‘cross-site printing’ attack

“There was great cooperation in fixing the issues and HP handled this very responsibly,” Hirvonen tells The Daily Swig. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/hp-printer-vulnerabilities-left-enterprise-networks-open-to-abuse-via-cross-site-printing-nbsp-attack&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGL0sj4XeGjxUoCSa5vOcW9sG2CXA


Italian police crack down on fake Covid-19 vaccination passes | The Daily Swig | PortSwigger

The Guardia di Finanza (GdF), the Italian law enforcement agency responsible for dealing with financial crime, first detected the trade in mid-July, … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/italian-police-crack-down-on-fake-covid-19-vaccination-passes&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNH0fWK9DY5tCsjNp4r8rf9EKIbhzw


UK Department for Transport caught inadvertently serving pornographic content to site

‘The page has since been permanently deleted’, a government spokesperson told The Daily Swig. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/uk-department-for-transport-caught-inadvertently-serving-pornographic-content-to-site-visitors&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFiKxtulibKYNeFEfH6BNk0FzzJOQ