Pinterest announced this week that it would begin paying cash rewards through its bug bounty program, and said that its move to HTTPS paved the way.
Tag Archives: Web Security
Stealthy, Persistent DLL Hijacking Works Against OS X
Researcher Patrick Wardle of Synack is expected this week at CanSecWest to unveil malicious dylib attacks against Apple’s Mac OS X.
Facebook Transparency Report: US Data Requests Dip Slightly
Facebook’s Transparency Report for the latter half of 2014 shows slightly fewer U.S. government requests for user data; the company also updates its Community Standards.
Yahoo Previews End-To-End Email Encryption Plug-In
Yahoo CISO Alex Stamos said a preview of the company’s end to end encryption plugin has been released to GitHub for review.
Mozilla Releases Open Source Masche Forensics Tool
Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event. The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running processes without causing any problems with the machine. […]
Google Apps ‘Defect’ Leaks Private WHOIS Data Of 280,000
A Google Apps bug leaked hidden WHOIS registrant information in the clear, putting close to 300,000 domain owners at risk for identity theft, phishing scams and more.
Adobe Patches 11 Critical Vulnerabilities in Flash Player
Adobe released an updated Flash Player with patches for 11 critical vulnerabilities, most of which lead to remote code execution.
CryptoLocker Variant Coming After Gamers
A variant of CryptoLocker ransomware is targeting gamers, encrypting files associated with more than 20 popular titles in exchange for a Bitcoin payment.
BlackBerry Warns Many Products Vulnerable to FREAK Attack
BlackBerry is warning customers that a large portion of the company’s product portfolio is vulnerable to the FREAK SSL attack. Many versions of the BlackBerry OS and BlackBerry Enterprise Server are vulnerable to FREAK, as are a number of versions of BlackBerry Messenger. The advisory from BlackBerry says that there are no workarounds for the […]
SQL Injection Bug Fixed in Popular WordPress SEO Plug-In
Popular search engine optimization plugin, SEO by Yoast fixed a blind SQL injection vulnerability yesterday that could be exploited to take control of affected sites.