Web Security

In the 15 months since Google began offering rewards to researchers who report vulnerabilities in its Web applications, the company has paid out more than $400,000 in bug bounties. That's a lot of money, even for Google, and the company is counting the program as a huge success.  Read more »

The fallout from last month's S4 Conference continues in February, with a planned Valentine's Day release of tools that make it easy to test and exploit vulnerable programmable logic controllers and other industrial control systems. Among the releases will be a tool for cracking passwords on the common ECOM programmable logic controllers by Koyo Electronics, a Japanese firm, according to a blog post by Reid Wightman for Digital Bond.  Read more »

Google has released a major update for its Chrome browser, fixing 20 security vulnerabilities and including a new feature that scans downloaded executables and warns users if they're potentially malicious.  Read more »

Researchers in China published a trove of information on previously unknown (zero day) vulnerabilities in popular applications for Google's Android mobile operating system on Wednesday, including mobile browsers and at least one mobile wallet application. Read more »

Google has released an initial beta of Chrome for Android devices, and the new mobile browser includes a full set of security and privacy functions. The new mobile version of Chrome has the sandbox functionality that has been so important in the desktop browser, as well as a strict permission model for mobile apps. Read more »

In the face of mounting evidence that the CA system is inherently flawed, Google officials are in the process of making changes to the way Chrome handles certificate revocations, and no longer will be using online revocation checks. Instead, Chrome will use the existing update system in the browser to accomplish this task. Read more »

A report from Web security firm zScaler finds that Web pages hosted by the firm Dreamhost are being redirected to a scam Web site in Russia following a hack of the company's servers last month.  Read more »

European officials want Google to slow its plans to introduce a new privacy policy so that they can investigate whether or not it is strong enough to protect user data. Read more »

CANCUN, MEXICO - A prominent privacy activist says that leading software vendors, and the U.S. government are failing the public when it comes to Internet privacy, and that big changes are needed to prevent consumers from criminals, advertisers and government spies. Read more »

A whopping 97 percent of fake Facebook profiles purport to be female, according to this infographic based on a new study, announced today, from security firm Barracuda Networks. In order to expand their networks and entice would-be victims, 58 percent of the phony profiles also claim to be bisexual and on average, have 726 friends while 68 percent claim to have attended college. Read more »