vulnerability
GitHub sets up bug bounty program
GitHub is the latest service to announce that they have started a security bug bounty program. “The idea is simple: hackers and security researchers find and report …
Check Point discovers critical vulnerability in MediaWiki
Check Point found a critical vulnerability in the MediaWiki project Web platform, a popular open source Web platform used to create and maintain ‘wiki’ Web sites. …
VPN bypass attack possible also on Android KitKat
Security researchers at Ben Gurion University in Israel are on a roll when it comes to discovering Android security flaws, and they revealed the existence of a critical flaw …
Hasbro’s website compromised, serves malware
The official website of well-known toy maker Hasbro has been compromised and found serving malware to unsuspecting visitors on a number of occasions during the last few weeks. …
Facebook awards $33,500 bounty for critical flaw
Facebook has announced that it has awarded $33,500 – their biggest bug bounty payout to date – to a Brazilian security researcher that discovered a remote code …
Chrome bugs allow websites to listen in on your conversations
Several security flaws in the popular Google Chrome browser can be exploited to turn the computer into a surreptitious listening device, claims Israeli developer Tal Ater. As …
Starbucks fixes password-related flaw in its iOS app
If you have followed last week’s hullabaloo about the Starbucks iOS app found storing passwords and location coordinates in clear text, and you have been worried about …
Light Patch Tuesday delivers four bulletins
With only four bulletins, this month’s release is the lightest in recent memory. Markedly missing are any bulletins for Internet Explorer and not a single bulletin is …
Light Patch Tuesday coming up
2014 is getting off to a light start with Microsoft. Only four advisories in the January advance notification. For the first time in a while, there is not a cumulative IE roll …
Triggering deep vulnerabilities using symbolic execution
Symbolic Execution (SE) is a powerful way to analyze programs. Instead of using concrete data values SE uses symbolic values to evaluate a large set of parallel program paths …
Yahoo visitors got served with malicious ads
Visitors to the main Yahoo domain have been targeted with malicious ads that redirected them to an exploit kit serving different types of malware, the Dutch security audit …
Snapchat makes no apology for breach, announces app update
One good thing to come from the leak of usernames and phone numbers of some 4.6 million Snapchat users is that the company is now forced to patch the exploited …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments