Source
PortSwigger
UK NCSC and ICO urge legal sector to discourage businesses from paying ransomware demands
Advice comes as cost of cybercrime ‘increases’
PyPI repo to distribute 4,000 security keys to maintainers of ‘critical projects’ in 2FA drive
Google is providing Titan Security Keys to maintainers of projects in top 1% of downloads
Post-quantum cryptography hits standardization milestone
Green light for four ‘future-proofed’ encryption technologies
‘Dirty dancing’ in OAuth: Researcher discloses how cyber-attacks can lead to account hijacking
Single-click account takeovers are made possible by taking advantage of quirks in OAuth
AstraLocker ransomware decryptors released by Emsisoft
Threat actor released decryption keys after abandoning malware to focus on cryptojacking
Decentralized Identifiers: Everything you need to know about the next-gen web ID tech
DID promises to give web users more control over their digital identities
Node.js fixes multiple bugs that could lead to RCE, HTTP request smuggling
All security issues have been patched – update now
Lockdown Mode: Apple offers $2m bug bounty for vulnerabilities in new anti-spyware tech
Latest feature will protect against targeted attacks
SMEs slow to adopt MFA – study
Authentication shortcomings leave sensitive data at risk
Fortinet patch batch remedies multiple path traversal vulnerabilities
Four high, six medium, and one low severity issue fixed