Month: April 2022

The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its ‘Hack DHS’ bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. […]

The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. […]

The US Department of Energy (DOE) has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. […]

T-Mobile has confirmed that the Lapsus$ extortion gang breached its network “several weeks ago” using stolen credentials and gained access to internal systems. […]

Threat analysts report that zero-day vulnerability exploitation is on the rise with Chinese hackers using most of them in attacks last year. […]

Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are affected by a critical authentication bypass vulnerability in Seraph, the company’s web application security framework. […]

Microsoft has released the optional KB5012636 cumulative update preview for Windows 10 1809 and Windows Server 2019, with fixes for system freezing issues affecting client and server systems. […]

Pwn2Own Miami 2022 has ended with competitors earning $400,000 for 26 zero-day exploits (and several bug collisions) targeting ICS and SCADA products demoed during the contest between April 19 and April 21. […]