Google has just released an updated version of Chrome 61, version 61.0.3163.100, that addresses 3 security flaws, two of which rated high-severity. The new version is already available for Windows, Mac, and Linux users and includes a total of three vulnerabilities. The first high-risk bug, tracked as CVE-2017-5121, is an Out-of-bounds access in V8 reported b

The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor browser to law enforcement and governm

A mysterious company is offering up to $250,000 for virtual machine (VM) hacks. The “secret” bug bounty program was announced by Bugcrowd. A mysterious company makes the headlines for offering up to $250,000 for virtual machine (VM) hacks. The “secret” bug bounty program was announced by the crowdsourced security testing platform Bugcrowd. At the time I was

An Italian expert discovered a critical Improper Authentication vulnerability affecting the UBER platform that allowed password reset for any account. The Italian security expert Vincenzo C. Aka @Procode701 has discovered 7 months ago a critical vulnerability in UBER platform that allowed password reset for any Uber account. The researcher reported the ̵

Yahoo awarded $7,000 to the bug hunter Michael Reizelman, aka mishre, for Flickr account hijacking vulnerability. Reizelman was a popular bug hunter that discovered vulnerabilities in many web services, including Badoo, Dropbox, GitHub, Google, Imgur, Slack, Twitter, and Uber. The expert has discovered three vulnerabilities in the company’s image and video

Intel has announced it will begin rewarding researchers who responsibly disclose security vulnerabilities they find in its products.On 15 March, the Santa Clara-based multinational corporation and technology company unveiled its first-ever bug bounty. It made the announcement in Vancouver, British Columbia at the CanSecWest security conference, one of The St

A security expert discovered a flaw in a ransomware protection service that opened Uber service, and many others, to cyber attacks. The Russian penetration tester Vladimir Ivanov from the security firm Positive Technologies has discovered a vulnerability in anti-ransomware backup service Code42. The flaw could be exploited by attackers to steal data from the

A flaw in Brave Browser could be exploited by attackers to trick users into visiting a fake or malicious website to serve either malware or conduct phishing attacks. Brave is an open source project that promises to block Internet greed and ugliness while improving speed and protecting privacy. Basically, it blocks ads containing pixels and cookies that track

Facebook has taken the privacy of their customers seriously, as their Chief Security Officer (CSO) Alex Stamos has stated that the company has engaged in black market purchases of leaked or hacked databases that contain Facebook account credentials.A Preface To The Facebook Black Market TradeFacebook has publicly disclosed that it has bought leaked databases

The United States military has announced it will be launching its inaugural bug bounty program called “Hack the Army” in November 2016.Outgoing secretary of the Army Eric Fanning made the announcement in a press conference. He said the program will help the Army keep up with the latest digital threats.As quoted by WIRED:“We’re not agile eno

Crowd-sourced review service Yelp says it will award researchers up to 15,000 USD for reporting exploits as part of its newly public bug bounty program.The company successfully ran a private bug-bounty program for the past two years, during which it worked with private researchers and bug bounty hunters to fix as many as 100 vulnerabilities.But to adequately

It’s hard to keep up with the hundreds of security-specific headlines published every week. So, we’re rounding up the top news that affect you, your business, and the security and technology industry overall. This week we explore bug bounty programs, bug fixes, and healthcare breaches. Check back every Friday to learn about the latest in security news. Ap

Apple has announced it will be launching a bug bounty program that will pay security researchers upwards of USD 200,000 for finding flaws in its software.On Thursday at the Black Hat USA 2016 security conference in Las Vegas, Nevada, head of the Apple Security Engineering and Architecture group Ivan Krstic made the announcement at the end of his presentation

It’s hard to keep up with the hundreds of security-specific headlines published every week. So, we’re rounding up the top news that affect you, your business, and the security and technology industry overall. This week we explore car hacking, Pokemon Go, and data breach investigations. Check back every Friday to learn about the latest in security news. Fi

Fiat Chrysler Automobiles (FCA) announced on Wednesday the launch of its own bug bounty program, rewarding researchers for disclosing security vulnerabilities in its connected cars.As the seventh-largest automaker in the world, Fiat Chrysler is among the first major vehicle manufacturers to offer “bounty” payouts, ranging from $150 to $1,500 per bug.The new