Microsoft today launched the Microsoft Online Services Bug Bounty Program which will pay out a minimum of $500 for vulnerabilities found in its cloud services such as Office 365.
Browsing Category: Vulnerabilities
A new report illustrates the continued proliferation of both high-volume and high-rate distributed denial of service attacks, like the ones executed via NTP amplification, over the last few months.
Secure smartphone manufacturer Blackphone announced today that it has launched a bug bounty program hosted on the Bugcrowd platform.
Digital thermostat maker Heatmiser is in the process of contacting its customers about a series of security issues that could open a Wi-Fi connected version of its product to takeover.
Details of a patched privacy vulnerability in MyFitnessPal, a popular fitness and nutrition mobile application, were disclosed this week, three months after a fix was deployed.
Research from the University of Maryland proposes new security metrics that can help enterprises understand risks to their products and prioritize patching and vulnerability management.
OWASP published the latest iteration of its Testing Guide, an informational manual designed to teach developers how to build and maintain secure application.
The deadline for a syntax change for CVE identifiers is coming on Jan. 13 when the four-digit format will support five or more. Vendors must update vulnerability management products to support the new syntax.
Drupal released an update that patches a moderately critical cross-site scripting vulnerability in its Mollom content and spam moderation module.
UPDATE–There are several unpatched, remotely exploitable vulnerabilities in a number of Schneider Electric’s SCADA products, one of which could be used to perform a shutdown of the SCADA server. Another of the vulnerabilities is an authentication bypass that could give an attacker access to sensitive data. The vulnerabilities affect a variety of Schneider Electric StruxureWare[...]