Collaborate Disseminate
Shopify, the major ecommerce platform which powers many online stores, has revealed that it suffered a serious breach of security at the hands of two rogue employees.
Read more in my article on the Hot for Security blog. Continue reading Rogue Shopify staff accessed customer records, says ecommerce platform investigating security breach
Members of Shopify’s support team abused access to company network Customer contact information and order details accessed FBI and international law enforcement agencies are investigating Shopify, the major ecommerce platform which powers many online s… Continue reading Rogue Shopify Staff Accessed Customer Records, Says Ecommerce Platform Investigating Security Breach
Canadian multinational e-commerce company Shopify disclosed a security incident that involved the information of some of its merchants. On September 22, Shopify published an incident update on its website. This bulletin explained that “two rogue member… Continue reading Shopify Discloses Security Incident Involving Some Merchants’ Data
We believe that the next generation of transformative cloud companies will emerge even faster as a result of the new normal created by COVID-19. Continue reading Why we’re doubling down on cloud investments right now
As a part-time hacker and full-time security engineer at Shopify, I’ve learned a lot along the way. One of the biggest takeaways I recognized early on was that I kept returning to programs run by security teams that respected me and my time, were responsive to my reports and inquiries, and were transparent in their communications and disclosures. When I first joined Shopify, we were challenged to scale our team alongside our relatively new bug bounty program. I was excited to bring my insights and improve upon a program that hackers would engage with. Our goal has always been to build upon the success of our hacker-powered security programs with a concerted effort to promote transparency and attract talent. With the extra sets of eyes, we are able to implement more checks and balances to harden our attack surfaces. We attribute much of our success to our work as an […]
The post What Shopify has learned from five years of bug bounty programs appeared first on CyberScoop.
Continue reading What Shopify has learned from five years of bug bounty programs
The streaming video and podcast content company was hit by a payment-card attack. Continue reading Rooster Teeth Attack Showcases New Magecart Approach
With the shift in the way designers fit into organizations and the way design fits into business overall, the design ecosystem is following the same path blazed by enterprise SaaS companies in recent years. Continue reading Design may be the next entrepreneurial gold rush
User-first products are driving rapid company growth in an era where individuals discover, adopt, and share software they like, but what if your company doesn’t fit that profile? Continue reading Reimagine inside sales to ramp up B2B customer acquisition
The attack left customers unable to access key services for shipping and mailing, the company said. Continue reading Pitney Bowes Hit with Ransomware Attack
Managing people is perhaps the most challenging thing most people will have to learn in the course of their professional lives – especially because there’s no one ‘right’ way to do it. But Ottawa-based startup Fellow is hoping to ease the learning curve for new managers, and improve and reinforce the habits of experienced ones […] Continue reading Fellow raises $6.5M to help make managers better at leading teams and people