Google open source Bug Bounty Program Overhaul

Google Vulnerability Reward Program Focuses on Open Source Software 

Google’s bug bounty program will be expanded to include a special open source section called the Open Source Software Vulnerability Rewards Program (OSS VRP), the company announced on its security blog. Through ...
Security Boulevard
🥇

Cyber Security DE:CODED – Cloud security

“As long as anything is online, it’s open for strangers to try to break protection” Show notes for series 2, episode 4 The ‘cloud’ is integrating with our lives at ever more ...
Google WhiteSource Log4j Deepfence threat report

Google Brings Curated Detections to Cloud Security Service

Google has made generally available a set of curated detections for organizations that have adopted its Chronicle SecOps Suite. Chris Corde, director of product management for security at Google Cloud, said those ...
Security Boulevard
Gmail Lets Candidates Spam You — FEC FAIL

Gmail Lets Candidates Spam You — FEC FAIL

Politicians convinced the Federal Election Commission (FEC) that Google must give them a free pass through Gmail’s spam filters ...
Security Boulevard
Google ‘Delays Making Less Money’ — Third-Party Cookie Ban on Hold

Google ‘Delays Making Less Money’ — Third-Party Cookie Ban on Hold

Google’s plan to kill third party cookies is delayed—yet again. And it’s probably not surprising ...
Security Boulevard
search China Steals U.S. Rice Research

Police Use New Keyword Search Tool in Colorado Arson Investigation

In August of 2020, there was a horrific house fire on a quiet suburban street in Denver, Colorado. Several people were killed; others injured. The police sought and obtained more than 23 ...
Security Boulevard
zero-day zero-trust app hardware zero-trust prepare

Google: Poor Software Fixes Cause Half of all Zero-Days

Researchers from Google’s Project Zero examined 18 zero-day vulnerabilities exploited by hackers this year before a patch was available; they found that half those vulnerabilities could have been avoided if software vendors ...
Security Boulevard
Could TikTok Be Removed, HackerOne Employee Caught Stealing, California Gun Owner Data Breach

Could TikTok Be Removed From App Stores, HackerOne Employee Caught Stealing Vulnerability Reports, California Gun Owner Data Breach

The commissioner of the FCC (Federal Communications Commission), asked the CEOs of Apple and Google to remove TikTok from their app stores, bug bounty platform HackerOne disclosed that a former employee improperly ...
API, ChatGPT, exfiltration API security Salt Security APIs social media

Google Launches Advanced API Security to Combat API Threats 

Google launched a preview version of a service, called Advanced API Security, aimed at helping organizations combat growing threats targeting application programming interfaces (APIs).  The goal of the service, built on the ...
Security Boulevard
The Link Between AWM Proxy & the Glupteba Botnet

The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past ...