Security News


UK to Probe Newport Wafer Deal Under National Security Act – Bloomberg

The UK government will probe a Chinese-led takeover of a British semiconductor plant, the business secretary said Wednesday. https://www.google.com/url?rct=j&sa=t&url=https://www.bloomberg.com/news/articles/2022-05-25/uk-to-probe-newport-wafer-deal-under-national-security-act&ct=ga&cd=CAIyGmI4ZmJhZDk5YTU5NzM0NzE6Y29tOmVuOlVT&usg=AOvVaw0m_OR0kxg3KJPAhNIYAp1y


Tails users warned not to launch bundled Tor Browser until security fix is released – PortSwigger

The vulnerability does not break the anonymity and encryption of Tor connections, meaning that it is still safe and anonymous to access websites from … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/tails-users-warned-not-to-launch-bundled-tor-browser-until-security-fix-is-released&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw1KNk-tGmqsgpmIW8yAA0Mn


DBIR 2022: Ransomware surge increases global data breach woes | The Daily SwigPortSwigger

A BAE Systems representative added that attackers are still using the same methods to infect systems – network vulnerabilities (open RDP ports) and … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/dbir-2022-ransomware-surge-increases-global-data-breach-woes&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw1rZoyNg-_mEiOMhlpT5pIq


Critical Argo CD vulnerability could allow attackers admin privileges | The Daily SwigPortSwigger

Luckily for users, application is secure in its default settings. https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/critical-argo-cd-vulnerability-could-allow-attackers-admin-privileges&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw3PxtOR8CZdRMjTYqQeNHdk


Catholic Cardinal, Singer in Court on National Security Charges – Bloomberg.com

90-year-old former bishop of Hong Kong @CardJosephZen and singer @hoccgoomusic went to court Tuesday, facing charges related to the … https://www.google.com/url?rct=j&sa=t&url=https://www.bloomberg.com/news/videos/2022-05-24/cardinal-singer-in-court-on-national-security-charges-video&ct=ga&cd=CAIyGmI4ZmJhZDk5YTU5NzM0NzE6Y29tOmVuOlVT&usg=AOvVaw1Lmylsfhv2vqSxkMk1oXAI


Port Authority Says People Prefer Driving Into City Now – Bloomberg.com

00:00Talk to us first and foremost about a focus on security right now and how you’re reacting to it. Well security and safety is really the … https://www.google.com/url?rct=j&sa=t&url=https://www.bloomberg.com/news/videos/2022-05-23/port-authority-says-people-prefer-driving-into-city-now-video&ct=ga&cd=CAIyGmI4ZmJhZDk5YTU5NzM0NzE6Y29tOmVuOlVT&usg=AOvVaw2vqsU8vnlFAFohn8ktDlwa


Blockchain bridge Wormhole pays record $10m bug bounty reward | The Daily SwigPortSwigger

An attacker exploiting the vulnerability “could have held the entire protocol [to] ransom with the threat that the Ethereum Wormhole bridge would be … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/blockchain-bridge-wormhole-pays-record-10m-bug-bounty-reward&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw3JUTEqp82SXSD1ev_pswTn


Yik Yak fixes information disclosure bug that leaked users’ GPS location | The Daily Swig

‘Anonymous’ social network Yik Yak took more than three months to address vulnerabilities that meant it wasn’t anonymous at all, despite reports … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/yik-yak-fixes-information-disclosure-bug-that-leaked-users-gps-location&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw2VkSCKbnN1J1g52s0H2XM2


China Ride-Hailing Giant Didi Investors to Vote on NY Delisting – Bloomberg.com

Chinese ride-hailing giant Didi Global Inc. is widely expected to secure a blessing from its shareholders on Monday to delist in New York. https://www.google.com/url?rct=j&sa=t&url=https://www.bloomberg.com/news/videos/2022-05-23/didi-global-shareholders-to-vote-on-new-york-delisting-video&ct=ga&cd=CAIyGmI4ZmJhZDk5YTU5NzM0NzE6Y29tOmVuOlVT&usg=AOvVaw1itfPqFibtZDwsTAnZtozD


Widespread Swagger-UI library vulnerability leads to DOM XSS attacks | The Daily Swig

Dawid Moczadło, co-founder of Vidoc Security Lab, published a security advisory on May 16 documenting a DOM cross-site scripting (XSS) vulnerability … https://www.google.com/url?rct=j&sa=t&url=https://portswigger.net/daily-swig/widespread-swagger-ui-library-vulnerability-leads-to-dom-xss-attacks&ct=ga&cd=CAIyGjgzMjVmMTg3YzNmN2FkZTk6Y29tOmVuOlVT&usg=AOvVaw3X0EnY0uPxAg-94AH_EH9V