Kaspersky Lab today at Black Hat USA 2016 announced the launch of a public bug bounty, one of the few offered by a software vendor in the computer security industry.
Tag Archives: application security
Hacker finds flaws that could let anyone steal $25 Billion from a Bank
A security researcher could have stolen as much as $25 Billion from one of India's biggest banks, thanks to the bank's vulnerable mobile application.
Late last year, security researcher Sathya Prakash discovered a number of critical vulnerabilities in the mobile banking application of an undisclosed bank that allowed him to steal money from any or all bank customers with the help of just
Uber Bug Bounty Rewards Loyalty, Promises Transparency
Uber announced a public bug bounty program that will pay up to $10,000 for critical bugs, and which also includes a loyalty program that pays bonuses for five or more finds.
Operation Buhtrap malware distributed via ammyy.com
The free version of Ammyy's remote administrator software was being served in a bundle that contained an NSIS installer used by the gang behind Operation Buhtrap.
The post Operation Buhtrap malware distributed via ammyy.com appeared first on We Live Security.
Latest BSIMM Data Puts Health Care Back of the Pack
The sixth version of the Building Security in Maturity Model (BSIMM) was released today and for the first time includes data on the software security practices of health care organizations.
RubyGems Patches Serious Redirection Vulnerability
RubyGems maintainers patched a vulnerability, reported by Trustwave and OpenDNS, that allows RubyGem clients to be redirected to an attacker-controlled gem server.
ICU Project Overflow Vulnerabilities Patched
Buffer and integer overflow vulnerabilities have been patched in the ICU Project ICU4C library, used in hundreds of open source and enterprise software packages.
Google Patches Clickjacking Bug
Google paid out a $1,337 bounty to a researcher who found a clickjacking vulnerability in Google API Explorer.
OWASP Releases Latest App Sec Guide
OWASP published the latest iteration of its Testing Guide, an informational manual designed to teach developers how to build and maintain secure applications.