In-brief: a survey of security professionals finds they are willing to circumvent vendors who do not respond to reports of security holes in their products.
Search Results for "bug bounty"
Oracle’s Cantankerous CSO: a Symptom or the Cause?
In-brief: Oracle CSO Mary Ann Davidson’s screed against vulnerability researchers was a shock – unless you’ve been listening to what she and her employer have been saying for the last two decades.
Tesla’s Built a Server / Database … on Wheels
In-brief: Tesla Motors CTO attends DEF CON thanking researchers for finding flaws in the Model S and seeking harmony with the security community. If you can’t beat them, join them. Not only were Tesla Motors representatives on hand at last week’s DEF CON 23, they were recruiting and answering questions about one of the talks targeting their Model S car. They even parked one of the cars within the Bally’s Las Vegas Hotel and Casino Convention Hall right next to the conference’s annual Capture the Flag competition. Over the course of the last two years, researchers Kevin Mahaffey, co-founder and CTO of mobile security firm Lookout, and Marc Rogers, principal security researcher for CloudFlare, discovered six vulnerabilities and then worked with the electric car company to patch them. Last Wednesday, one day before their scheduled talk, Tesla pushed out a patch to every Model S in the world. And […]
Update: Plumbing Facebook, Researcher Finds Hole In Secure File Transfer Platform
Updated to include response from Accellion. 1/9/2013 A security researcher who was looking for vulnerabilities in Facebook’s platform instead stumbled on a much larger hole that could affect scores of firms who rely on a secure file transfer platform from Accellion. Writing on his blog on Monday, Israeli researcher Nir Goldshlager said he uncovered a security hole affecting Accellion’s Secure File Transfer service that could allow an attacker to take control of a user’s Secure File Transfer account with little more than the e-mail address associated with the account. Accellion Secure File Transfer is a service that allows enterprises to offer secure transfer and storage of large files (up to 100GB). In contrast to consumer-focused services like DropBox, Accellion offers comprehensive file tracking and reporting as well as data security features necessary to satisfy government regulations like HIPAA, GLBA, and SOX. Secure File Transfer is offered to companies as a private cloud, public […]
Report: with most exploited vuln of 2018, it’s really Really REALLY time to ditch IE!
Microsoft’s products are still a leading source of exploitable security vulnerabilities used by hackers, according to a report by the firm Recorded Future.