News • Insights • Analysis
The financially motivated cybercrime gang behind the Carbanak backdoor malware, FIN7, has hit upon a genius idea for maximizing profit from ransomware: Hire real pen-testers to do some of their dirty work instead of striking partnerships with other criminals. According Read More …
Around 1,500 Cobalt Strike beacons uploaded to VirusTotal were reusing the same RSA keys from a cracked version of the software, according to a security researcher who pored through the malware repository. The discovery could make blue teams’ lives easier Read More …
Google has announced the launch of its first vulnerability rewards program for Android Enterprise with bounties of up to $250,000. This builds on the introduction of several enhancements with Android 12 to boost the platform’s overall security. Security enhancements included Read More …
ZTE has widened a bug bounty scheme to plug security vulnerabilities in its products, especially potential holes brought about by the launch of commercial 5G networks and services. The Chinese networking equipment vendor is working with bug bounty platform YesWeHack Read More …
Google announced a new bug bounty platform as it celebrated the 10-year anniversary of its Vulnerability Rewards Program (VRP). The program led to a total of 11,055 bugs found, 2,022 rewarded researchers and nearly $30 million in total rewards. Jan Read More …
Microsoft has revealed it awarded 341 researchers a total of $13.6 million during the past year for reporting security vulnerabilities in its bug bounty programs. The awards were issued between July 1, 2020 and June 30, 2021 and is slightly Read More …
A group of ethical hackers cracked open Apple’s infrastructure and systems and, over the course of three months, discovered 55 vulnerabilities, a number of which would have given attackers complete control over customer and employee applications. Of note, a critical, Read More …
A researcher was able to exploit a vulnerability in Emotet – effectively causing the infamous malware to crash and preventing it from infecting systems for six months. Emotet, which first emerged in 2014 and has since then evolved into a Read More …
Bug-bounty programs have become a popular way for vendors to root out security flaws in their platforms, attracting talented white-hats with the promise of big rewards. According to HackerOne’s 2020 List of the Top 10 Bug Bounty Programs on its Read More …
Apple has awarded a bug bounty hunter $100,000 for finding and reporting a severe security issue that could lead to the takeover of third-party user accounts. As reported by Hacker News, researcher Bhavuk Jain discovered the vulnerability in the “Sign in Read More …
