Microsoft Warns of New Windows MHTML Bug
In a security alert issued Friday, Microsoft confirmed that a bug in Windows’ MHTML (MIME HTML) protocol handler can be used by attackers to run malicious scripts within Internet Explorer (IE) browser....
View ArticleClickjacking Blamed For Facebook’s Latest Porn Storm
Facebook users have been bombarded with explicit and violent pictures in the latest malware campaign aimed at the giant social networking site, a security researcher said today. The company confirmed...
View ArticlePayPal Launches A Paid Bug-Bounty Program
Payment services provider PayPal will reward security researchers who uncover vulnerabilities in its website with money, if they report their findings to the company in a responsible manner. “I’m...
View ArticleApple Releases Developer’s Preview Of Safari For OS X
Apple has finally released its first developer preview of Safari for OS X, saying it is following in the footsteps of other major browser makers — all of whom provide early looks at their...
View ArticleCisco Rolls Out Fix For WebEx Vulnerability
Cisco Systems began rolling out a patch for a critical vulnerability in its WebEx collaboration and conferencing browser extension that could allow attackers to remotely execute malicious code on...
View ArticleIs PayPal Exposing User Transactions
"I used Venmo's public API to download all public transactions of 2017, pulling in a total of 207,984,218 transactions. By looking through users and their transactions, I learned an alarming amount...
View ArticleGitLab Gets Aggressive With Bug Bounty Program
The first response also has a service level agreement, with 5 business days being the aim to acknowledge critical problems, with 10 business days covering lesser issues.
View ArticleGitHub Ups The Bounty
Report sharing will be anonymized, allowing GitHub to further protect its users from legal action from third parties. Furthermore, it will inform the user before passing any data, and seek written...
View ArticleWill GitHub Be Held Liable For The Capital One Breach
A GitHub spokesperson told Business Insider that the information posted on GitHub didn't contain any bank account details, SSNs, or any other reportedly stolen personal information.
View ArticleGitHub Embraces Web Authorization
In any case, it's a good thing that GitHub is looking at this. As a repository of code, it's a tempting target for cybercriminals who could slip all manner of nasties into application libraries used by...
View Article
