Tripwire Patch Priority Index for July 2019

Tripwire’s July 2019 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Oracle. First on the list for July are patches for Microsoft’s Browser and Scripting Engine. These patches resolve ...
How ShiftLeft is able to analyze 1 million LoC under 15 minutes?

How ShiftLeft is able to analyze a million lines of code in just under 15 minutes? ShiftLeft code analysis technology uses a singular code representation “code property graph” to perform all types of ...
Apple Increases Maximum Bug Bounty Program Payout to $1M

Apple announced that it will be expanding the scope of its bug bounty program and increasing its maximum possible reward payout to $1 million. Ivan Krstić, Apple’s head of security engineering, made ...
AT&T Announces Launch of Public Bug Bounty Program

American multinational conglomerate holding company AT&T has announced the launch of its public bug bounty program on HackerOne. Revealed on 6 August, the new program will award security researchers who submit reports ...
Protecting against SWAPGS Attack via Hypervisor Introspection

Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction

Bitdefender senior researchers Dan Horea Luțaș and Andrei Vlad Luțaș recently uncovered a new speculative-execution vulnerability and demonstrated how it can be exploited via a side-channel style attack, dubbed SWAPGS Attack. The ...

Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security — specifically the weak points — of its internal network. Security researcher Justin Paine discovered the ...
Capital One notified of data breach

Woman arrested after Capital One hack spills personal info on 106 million credit card applicants

The FBI has arrested a 33-year-old software engineer in Seattle as part of an investigation into a massive data breach at financial services company Capital One. The post Woman arrested after Capital ...
EH-Net - Wylie - Manual Vulnerability Detection

Manual Vulnerability Detection

Typically during penetration tests, scanners are used to detect vulnerabilities. Sometimes security professionals may want to go undetected to test the response of the blue team (aka defensive security) and the security ...
Google Raises Award Amounts for Chromium Bug Bounty Program

Google has raised the award amounts for security researchers who submit eligible vulnerability reports under its Chromium bug bounty program. On 18 July, Natasha Pabrai and Andrew Whalley of the Chrome Security ...
Apple says its Walkie-Talkie app could be exploited to spy on iPhones

Apple has chosen to temporarily disable a key feature of the Apple Watch after a critical vulnerability was discovered that could allow someone to eavesdrop on another person without their knowledge. The ...