Bug bounty programs, for the most part, have been the domain of large software vendors and Web companies such as Google, Mozilla, Microsoft, PayPal and Facebook. But some smaller companies are now getting involved, with the latest one to announce a bounty being Wickr, the maker of secure messaging apps for Android and iOS, and[...]
Browsing Category: Microsoft
Microsoft released four security bulletins today as part of its January 2014 Patch Tuesday updates. All of the bulletins are rated important, including a patch for a zero day in Windows XP.
The Syrian Electronic Army is claiming responsibility for compromises of the official Microsoft blog as well as the official Xbox and Skype Twitter accounts.
Microsoft announced Thursday that it plans to release four bulletins next week as part of the year’s first batch of Patch Tuesday security updates, none of which are rated critical.
Dennis Fisher and Mike Mimoso talk about the year that was in the security industry, including the last six months of NSA drama, the Microsoft bug bounty program, exploit sales and attacks against major banks.
The Syrian Electronic Army took advantage of the relative calm of New Year’s Day to make a loud statement about the NSA’s surveillance program and Microsoft’s alleged participation in it.
Windows Error Reporting crash reports are sent unencrypted to Microsoft and contain a wealth of system and application information that can be exploited not only by hackers but government agencies to fingerprint machines for compromise.
Microsoft claims that Turkish machines encounter more malware than computers in any other country in the world.
Microsoft said the botmasters behind ZeroAccess have abandoned the peer-to-peer botnet less than a month after Microsoft and law enforcement disrupted its click-fraud operation.
While Microsoft patched five critical vulnerabilities today, including the GDI+ zero day, experts urge a close look at an “important” patch addressing an ASLR bypass.