Search Results for "bug bounty"

Episode 79: Hackable Nukes and Dissecting Naughty Toys

In this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.

Continue Reading

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.

Continue Reading

Updated: Intel Fixes ‘Nightmarish’ Firmware Flaw But Nobody’s Safe

In-brief: Intel issued a patch for a serious vulnerability in firmware that has shipped with its chipsets for almost nine years, but it could take months for patches to reach affected customers from OEMs. (Editor’s note: updated with analysis from Matthew Garrett. PFR May 2, 2017.)

Continue Reading

NetGore: Simple Flaw Affects Hundreds of Thousands of Netgear Devices

In-brief: Weeks after the Federal Trade Commission sued the firm D-Link for weak security in its broadband routers, dozens of routers made by the firm NetGear are reported to also be vulnerable to trivial hacking attacks. Small businesses including restaurants and cafés are heavy users of the devices and may be particularly vulnerable, according to experts at the firm Trustwave.

Continue Reading

Department of Defense Sets Ground Rules for Hackers

In-brief: The U.S. Department of Defense published guidelines on Monday for independent security researchers to disclose vulnerabilities in DoD’s public facing systems. The program, managed by the firm HackerOne, provides a legal route for hackers to disclose vulnerabilities to the military.

Continue Reading
1 5 6 7 8 9 11