Cyber Security Informer

HackerOne awarded over $300 million bug hunters

Security Affairs

OCTOBER 30, 2023

HackerOne announced that it has awarded over $300 million bug hunters as part of its bug bounty programs since the launch of its platform. Most of bug hunters (61%) are experimenting Generative AI (GenAI) and believe it is essential to develop a new generation of hacking tools that can help them find more vulnerabilities.

Cyber Insurance

Cyber Insurance Hacking Insurance CISO

What to do when a bug bounty request sounds more like extortion

SC Magazine

APRIL 15, 2021

There are some who are more concerned about scoring a big payday than ensuring a bug is responsibly disclosed and fixed before malicious actors can take advantage. SC Media then followed up by reaching out to additional bug bounty experts to get their own take on how to respond to such a situation. Photo courtesy of HackerOne).

CSO

CSO Media Manufacturing Ransomware

How to Close the Cybersecurity Skills Gap in Your Business

CyberSecurity Insiders

SEPTEMBER 26, 2022

There are about 715,000 cybersecurity job openings in the United States that companies need to fill but cannot. One main issue is the level of certification needed to secure these cybersecurity jobs — the best-paying positions often require certificates in addition to a prospect’s university degrees. How can they close the skills gap?

Cybersecurity

Cybersecurity Education Artificial Intelligence Phishing

What Do the Pentagon and Facebook Have in Common? Website Security.

SiteLock

AUGUST 27, 2021

Is website security a priority for you? Large companies are well aware of this, which is why many have “Bug Bounty Programs” to reward website users for finding and reporting bugs, like exploits and vulnerabilities that live on their websites. Naturally, security is a top priority for the United States Pentagon.

DDOS

DDOS Passwords Firewall Small Business

The rise of millionaire zero-day exploit markets

Security Affairs

NOVEMBER 17, 2021

Zero-day exploits are essential weapons in the arsenal of nation-state actors and cybercrime groups. Another factor to consider is that the high prices in the underground market are necessary to avoid that the developers of the exploits will disclose the vulnerabilities to the vendors through their bug bounty programs.

Marketing

Marketing Cybercrime Hacking Advertising

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security. Employ robust password management techniques, two-factor authentication (2FA), and regular backups of essential data. CVE-2023-6318 permits privilege escalation to get root access.

Firewall

Firewall VPN Software Risk

Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

JULY 28, 2022

” Gupta said the report qualified as a “medium” severity security issue in Shifter’s brand new bug bounty program (the site makes no mention of a bug bounty), which he said offers up to $2,000 for reporting data exposure issues like the one they just fixed.

Advertising

Advertising Software Computers and Electronics Internet

How to Implement a Penetration Testing Program in 10 Steps

eSecurity Planet

FEBRUARY 20, 2023

Penetration tests find security vulnerabilities before hackers do and are critical for keeping organizations safe from cyber threats. You can either create your own pentesting program or hire an outside firm to do it for you. Penetration test services have become common, with many security companies offering them.

Penetration Testing

Penetration Testing Cyber threats Engineering Architecture

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

We overview what kind of attacks are now carried out by cybercriminals and what influenced this change — including such factors as changes in vulnerability market and browser safety. Moreover, trends that are visible in one country, more often than not resurface in other places and among new cybercriminal gangs.

Cybercrime

Cybercrime Banking Malware Ransomware

The Hacker Mind Podcast: Hacking Ethereum Smart Contracts

ForAllSecure

FEBRUARY 10, 2022

In other words, these cryptocurrencies were essentially stolen. And same with smart contract -- it’s not really a contract, a program included in a blockchain. How do you stop a half billion dollars in cryptocurrency from being stolen? You perform software testing and responsibly disclose it first, of course. million dollars.

Hacking

Hacking Cryptocurrency Accountability Banking

Looking back on the Log4j Weekend

Security Boulevard

DECEMBER 22, 2021

State-sponsored attacker groups have also been detected trying to exploit the vulnerability. To buy time for organizations racing to fix the bug, vendors like Cloudflare and ExpressVPN have rolled out temporary protection against Log4j. You can’t secure what you don’t know about. Photo by Math on Unsplash. What happened.

Software

Software Firewall Authentication Internet

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

MAY 18, 2021

He also talks about his infosec journey hacking cryptocurrencies, joining the Digital Defense Service and CISA, and helping secure the 2020 presidential election… all before the age of 22. Vamosi: That's Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency under the US Department of Homeland Security.

Hacking

Hacking Ransomware Cryptocurrency Engineering

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

MAY 18, 2021

He also talks about his infosec journey hacking cryptocurrencies, joining the Digital Defense Service and CISA, and helping secure the 2020 presidential election… all before the age of 22. Vamosi: That's Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency under the US Department of Homeland Security.

Hacking

Hacking Ransomware Cryptocurrency Engineering

The Hacker Mind: Follow The Rabbit

ForAllSecure

MARCH 30, 2022

In this episode I’ll talk with two security researchers who simply followed the rabbit. Vamosi: Cloud security is relatively new and as such it probably hasn’t gotten as much attention as it deserves. We’ve seen hints of this in tv shows such as Mr. Robot. Owner: May I help you with something? Owner: Pardon me?

Firewall

Firewall Authentication Encryption Accountability

In wake of giant software hacks, application security tactics due for an overhaul

SC Magazine

MARCH 29, 2021

The Biden administration is reportedly preparing a raft of software-related security measures designed to prevent breaches like the one that hit SolarWinds and its customers. Official White House Photo by Adam Schultz). Indeed, evidence shows that the attack surface around applications is getting larger. A complex picture.

Software

Software Hacking Government Cyber Insurance

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. Table of Contents. How Do VC Firms Work?

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Cyber Security Informer

HackerOne awarded over $300 million bug hunters

What to do when a bug bounty request sounds more like extortion

Trending Sources

How to Close the Cybersecurity Skills Gap in Your Business

What Do the Pentagon and Facebook Have in Common? Website Security.

The rise of millionaire zero-day exploit markets

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Breach Exposes Users of Microleaves Proxy Service

How to Implement a Penetration Testing Program in 10 Steps

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

The Hacker Mind Podcast: Hacking Ethereum Smart Contracts

Looking back on the Log4j Weekend

The Hacker Mind Podcast: Hacking Ransomware

The Hacker Mind Podcast: Hacking Ransomware

The Hacker Mind: Follow The Rabbit

In wake of giant software hacks, application security tactics due for an overhaul

Top VC Firms in Cybersecurity of 2022

Stay Connected