Security pros weigh in on China’s new vulnerability disclosure law … and member of ISACA’s Emerging Trends Working Group, told The Daily Swig. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/research-roadblock-security-pros-weigh-in-on-chinas-new-vulnerability-disclosure-law&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNHltms2A3ChLzO-1_vpJ-r0yU3JQQ
Vulnerabilities in the way websites resolve email domains have left many … to obtain password reset URLs in emails,” Longin told The Daily Swig. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/dozens-of-web-apps-vulnerable-to-dns-cache-poisoning-via-forgot-password-feature&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFSficbfvr3TjOmF3baQALg0m8uQg
Royal Holloway professor Martin Albrecht told The Daily Swig that the researchers offered lessons for other developers of secure messaging apps … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/multiple-encryption-flaws-uncovered-in-telegram-messaging-protocol&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFzfGqXfRk95Zt1r7EwODewbckxJQ
Speaking to The Daily Swig, Marc Avery, director at Cyber Chain Alliance and co-founder of Respect in Security, said one of the main issues in the … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/respect-in-security-new-infosec-campaign-aims-to-stamp-out-harassment&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNEoVBztEy3jJuWRgrQjTu6qgBOdBQ
Our program is in a highlighted position on their platform.” Csaba Mészáros, co-CEO of Hacktify International, told The Daily Swig that “incoming bug … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/loyalty-management-tech-firm-antavo-launches-bug-bounty-program&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGrvhQX93IjiyfB9cwIJ4a1pN7DbA
Developers have taken a second stab at fixing a tricky flaw in cURL, the … writing test cases for it) – mistakes easily happen,” he told The Daily Swig. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/curl-developers-take-a-second-shot-at-fixing-information-disclosure-flaw&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGC4YrjBGYnI0IXm-XR2yDFdITwwQ
WordPress has extended its Site Health interface for developers, allowing for greater visibility over potential security flaws. Version 5.8 of WordPress … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/wordpress-5-8-update-extends-site-health-interface-for-developers&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFl7yLFMxyPhd1t98nwVIgtEBL1fA
TIBCO has yet to respond to The Daily Swig‘s invitation to comment, but we will … Ribeiro said he previously exploited the BeanShell flaw in DrayTek … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/update-now-tibco-data-virtualization-software-vulnerable-to-rce-via-third-party-flaws-claims-researcher&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNEgN1V9wPav6JiSjnjUcpSpb28BhQ
“We have Aruba routers providing us web access in our office,” Greenhut told The Daily Swig. “Our research started because we were working from … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/chained-vulnerabilities-in-aruba-networks-firmware-allowed-remote-code-execution-on-routers&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNGilJyBMmwKAH-Z6VXbSDObiPPKVw
Umbraco declined to comment further in response to a query from The Daily Swig. This article may be updated with further details following the release … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/umbraco-flags-pending-security-patch-for-rce-vulnerability-in-forms-package&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AFQjCNFxQ1iJWuPoKV5hZ5PSRkB34s-40g