Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps

Following a series of security mishaps and data abuse through its social media platform, Facebook is today expanding its bug bounty program in a very unique way to beef up the security of third-party apps and websites that integrate with its platform. Last year, Facebook launched the “Data Abuse Bounty” program to reward anyone who reports valid Read more…

Report to Your Management with the Definitive ‘Incident Response for Management’ Presentation Template

Security incidents occur. It’s not a matter of ‘if’ but of ‘when.’ There are security products and procedures that were implemented to optimize the IR process, so from the ‘security-professional’ angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process Read more…

Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products

No, it’s not a Patch Tuesday. It’s the third Tuesday of the month, and as The Hacker News shared an early heads-up late last week on Twitter, Adobe today finally released pre-announced out-of-band security updates to patch a total of 82 security vulnerabilities across its various products. The affected products that received security patches today Read more…

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in “about: pages” that are the gateway to sensitive preferences, settings, and statistics of the browser. The Firefox browser has 45 such internal locally-hosted about pages, some Read more…

Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

Attention Linux Users! A vulnerability has been discovered in Sudo—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to Read more…

UNIX Co-Founder Ken Thompson’s BSD Password Has Finally Been Cracked

A 39-year-old login password of Ken Thompson, the co-creator of the UNIX operating system, has finally been cracked. It belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers. In 2014, developer Leah Neukirchen spotted an interesting “/etc/passwd” file in a publicly Read more…

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks

Watch out, Windows users! The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple’s iTunes and iCloud software for Windows to evade antivirus detection. The vulnerable component in question is the Bonjour updater, a zero-configuration implementation of network communication protocol Read more…

New Comic Videos Take CISO/Security Vendor Relationship to the Extreme

Today’s CISOs operate in an overly intensive environment. As the ones who are tasked with the unenviable accountability for failed protection and successful breaches, they must relentlessly strive to improve their defense lines with workforce education, training their security teams and, last but definitely not least, looking for products that will upgrade and adjust Read more…