HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains

2022-07-04 - Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports submitted to it for personal gain. "The person anonymously disclosed this vulnerability information outside the HackerOne platform with the goal of claiming additional bounties," it said. "In under 24 hours, we worked quickly to contain the

Source: Tweakers.net, Ravie Lakshmanan

TikTok Assures U.S. Lawmakers it's Working to Safeguard User Data From Chinese Staff

2022-07-02 - Following heightened worries that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it's taking steps to "strengthen data security." The admission that some China-based employees can access information from U.S. users came in a letter sent to nine senators, which further noted that the

Source: Tweakers.net, Ravie Lakshmanan

Google Improves Its Password Manager to Boost Security Across All Platforms

2022-07-02 - Google on Thursday announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a "simplified and unified management experience that's the same in Chrome and Android settings," Ali Sarraf, Google Chrome product manager, said in a blog post. The updates are also expected to automatically

Source: Tweakers.net, Ravie Lakshmanan

Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps

2022-07-02 - Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "complex multi-step attack flow" and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their knowledge or consent

Source: Tweakers.net, Ravie Lakshmanan

New 'SessionManager' Backdoor Targeting Microsoft IIS Servers in the Wild

2022-07-01 - A newly discovered malware has been put to use in the wild at least since March 2021 to backdoor Microsoft Exchange servers belonging to a wide range of entities worldwide, with infections lingering in 20 organizations as of June 2022. Dubbed SessionManager, the malicious tool masquerades as a module for Internet Information Services (IIS), a web server software for Windows systems, after

Source: Tweakers.net, Ravie Lakshmanan

Ett stort företag börjar från små.
Grundades 2015
Hi,
let's talk about your project

Innehållet i detta e-postmeddelande är konfidentiellt och avsett endast för den mottagare som anges i meddelandet.