Microsoft, Equifax, MacOS, and Bug Bounties – Application Security Weekly #31

U.S. Government releases post-mortem on Equifax, MacOS security baseline script by Jerry Gamblin, Equifax mega-breach and nothing has changed, Docker hacking challenge, and Bug Bounties and mental health. News Bugs, Breaches, and More! 1.) U.S. Governm…

Hacktivists, Tech Giants Protest Georgia’s ‘Hack-Back’ Bill

Google, Microsoft, security researchers and hacking groups have lined up to protest the bill, which would criminalize unauthorized computer access.

APT, MITRE, DoD, and Panera – Hack Naked News #167

This week, Drupal vulnerabilities, APT detection, DoD bug bounties, new DNS services and breaches galore from Under Armour, Saks, Lord and Taylor, and Panera! Jason Wood from Paladin Security joins us for expert commentary so stay tuned to this episode…

$45,000 bounty offered for Linux zero days

A startup that buys zero-day exploits will pay hackers $45,000 for Linux local privilege escalation exploits against popular operating systems like Ubuntu, Debian and Fedora. The company, Zerodium, is famous for its exploit-buying program. It pays bounties as high as $1.5 million if the research is completely original and the target is right. The price depends on the security of the target and the demand in the market. The program might be widely known in the cybersecurity community, but the results are highly secret: Zerodium, based in Washington, D.C., sells its exploits to government customers who will pay for the ability to break virtually any kind of computer. Privilege escalation exploits are particularly valuable because they allow an attacker to gain access to parts of a computer that would otherwise be restricted from them. The new $45,000 bounty for Linux local privilege escalations is a $15,000 raise above Zerodium’s usual $30,000 price tag, suggesting a […]

The post $45,000 bounty offered for Linux zero days appeared first on Cyberscoop.


Salesforce, Dropbox, BeyondTrust, Pentesting, and Defcon – Paul’s Security Weekly #525

Mystery bug bounties, Marcus Hutchins pleads not guilty, a password guru regrets past advice, Dropbox and offline two-factor authentication, and more security news! Paul’s Stories: Mystery Company Offers $250,000 Bounty for VM Escape Vulnerabilities; Hacker Marcus Hutchins To Plead Not Guilty To Malware Development; Password Guru Regrets Past Advice; Salesforce Sacks Security Engineers For Their […]

The post Salesforce, Dropbox, BeyondTrust, Pentesting, and Defcon – Paul’s Security Weekly #525 appeared first on Security Weekly.
