Apple opens public bug bounty program, publishes official rules

Apple has formally opened its bug bounty program today to all security researchers, after announcing the move earlier this year in August at the Black Hat security conference in Las Vegas. Until today, Apple ran an invitation-based bug bounty program for selected Read More …

New vulnerability lets attackers sniff or hijack VPN connections

Academics have disclosed this week a security flaw impacting Linux, Android, macOS, and other Unix-based operating systems that allows an attacker to sniff, hijack, and tamper with VPN-tunneled connections. The vulnerability — tracked as CVE-2019-14899 — resides in the networking Read More …

Office for Mac Users Warned of Malicious SYLK Files

Microsoft Office for Mac users are being warned that malicious SYLK files are sneaking past endpoint defenses even when the “disable all macros without notification” is turned on. This leaves systems vulnerable to a remote, unauthenticated attackers who can execute Read More …