The Daily Swig

Alert overload – @CRESTadvocate report highlights growing problem of burnout in security industryhttps://portswigger.net/daily-swig/alert-overload-crest-report-highlights-growing-problem-of-burnout-in-cybersecurity-industry …

Technical analysis: Researchers from @Doyensec disclose a heap overflow bug found in older versions of an antivirus product produced by F-Securehttps://portswigger.net/daily-swig/f-secure-issues-fix-for-internet-gatekeeper-heap-overflow-vulnerability …

A US man has pleaded guilty to breaking into multiple Nintendo servers in order to steal video games and other proprietary datahttps://portswigger.net/daily-swig/us-man-who-broke-into-nintendos-systems-to-steal-games-and-console-secrets-pleads-guilty …

Curtain call for TLS 1.0 and 1.1 – webmasters urged to migrate without delayhttps://portswigger.net/daily-swig/tls-1-0-1-1-end-of-life-countdown-heads-into-the-danger-zone …

Chrome SameSite cookie change expected to result in ‘modest’ website breakagehttps://portswigger.net/daily-swig/chrome-samesite-cookie-change-expected-to-result-in-modest-website-breakage …

A US man has pleaded guilty to breaking into multiple Nintendo servers in order to steal video games and other proprietary datahttps://portswigger.net/daily-swig/us-man-who-broke-into-nintendos-systems-to-steal-games-and-console-secrets-pleads-guilty …

Microsoft Azure users left exposed to recently resolved critical vulnerability due to code sanitization shortcomings – technical write-up by @_CPResearch_https://portswigger.net/daily-swig/spotlight-shone-on-microsoft-azure-vulnerability …

Magento developers issue critical security updates for e-commerce platform often targeted by Magecart cybercriminalshttps://portswigger.net/daily-swig/magento-fixes-trio-of-critical-security-flaws …

A batch of newly proposed US bills take aim at ransomware possession and paymentshttps://portswigger.net/daily-swig/maryland-poised-to-criminalize-ransomware-possession …

Security patch rushed out after exploit reveals 18 month old PHP flaw was far from a dud after allhttps://portswigger.net/daily-swig/dismissed-php-flaw-shown-to-pose-code-execution-risk …

Charges against two US security consultants who were arrested during a @CoalfireSys pen test last September have been droppedhttps://portswigger.net/daily-swig/coalfire-arrests-charges-against-us-pen-testers-finally-dropped …

In this week’s #SocialSec: Coronavirus fears postpone DEF CON China; Avast caught in the act; and the UK gives the go ahead to Huawei on 5Ghttps://portswigger.net/daily-swig/socialsec-hot-takes-on-this-weeks-biggest-cybersecurity-news-jan-31 …

Hackers descended on the French city of Lille this week to participate in a live bug bounty event hosted by @yeswehackhttps://portswigger.net/daily-swig/hackers-bank-big-bucks-at-live-hacking-event-in-france …

Doxxing could soon become a criminal offense in Hong Kong, as lawmakers confront a surge in the spread of private information onlinehttps://portswigger.net/daily-swig/hong-kong-aims-to-tackle-doxxing-with-overhaul-of-data-privacy-laws …

#BugBountyRadar // This month’s top bug bounty news, featuring new and enhanced rewards programs from @Roblox, @pingidentity, @kubernetesio, @GoodRx, and morehttps://portswigger.net/daily-swig/bug-bounty-radar-january-2020 …