As the threat landscape continues to deepen in both volume and complexity, bug bounties are becoming an increasingly popular way for vendors to cost-effectively uncover potentially severe exploitable security issues. Microsoft has joined the cash-payout fray for the first time, announcing three new "Heart of Blue Gold" bounty programs that will pay up to $100,000 to enterprising researchers and hackers.
19 June 2013
Oracle has released its June 2013 Java SE Critical Patch Update (CPU), which fixes 40 security issues. All vulnerabilities except three can be exploited remotely without authentication by an attacker, and in most cases, the attacker can take complete control of the system.
19 June 2013
Apple has published a transparency update detailing that between December 1, 2012 and May 31, 2013, it received between 4,000 and 5,000 requests from US law enforcement for customer data.
17 June 2013
Despite increased focus on the security holes that bring-your-own-device (BYOD) strategies and the consumerization of IT present within the enterprise, research from AppSense has revealed that the threat to corporate IT security hasn't really abated at all – especially with consumers circumventing IT altogether in some cases when it comes to mobile working.
14 June 2013
Although the mention of “cloud services” tends to strike security fears into the hearts of IT administrators, perceptions of the cloud held by nonusers directly contrast with the real experiences of cloud adopters, according to a new Microsoft study of small and midsize businesses (SMBs) in the US.
13 June 2013
Coordinated with Microsoft's Patch Tuesday monthly security updates, Adobe has released a single security bulletin for June.
13 June 2013
While IT security professionals recognize the threat posed by unwitting employees, many still admit to allowing administrative privileges to go unmanaged, making organizations increasingly vulnerable to malware exploits and unauthorized software, according to a survey by Avecto.
11 June 2013
A mystery technology is allowing car thieves to pop open automatic car locks over the air using a hand-held device – but police have no idea how they’re managing to do it.
10 June 2013
Mobile cyber-threats are increasingly on the rise, not only in the form of malware but also just lax security guards within applications. Veracode conducted an analysis of the most popular mobile applications used within enterprises and found that many of these apps access confidential and sometimes personal data on the mobile device and expose sensitive information to unknown parties.
10 June 2013
In a move geared to keep up with the ever-changing online threat landscape, Google has increased its reward levels for researchers that uncover flaws. In particular, Google has its sights set on cross-site scripting.
07 June 2013