Bugs for cash: Bounty hunters in the new wild west of security

By Michelle Drolet . 20 Apr 2016

How security researchers and programmers hunt software bugs for cash rewards   The business of bug hunting is a potentially lucrative one for both seasoned security researchers and amateurs with an interest in hacking. It’s an area that’s gaining legitimacy thanks to official bug bounty programs and hacking contests, but there’s still a seedy underbelly … Continue reading Bugs for cash: Bounty hunters in the new wild west of security

Hundreds of cloud apps still vulnerable to DROWN

By Michelle Drolet . 22 Mar 2016

Complacency in addressing known vulnerabilities puts users at risk   If you have even a passing interest in security vulnerabilities, there’s no chance that you missed the news about the DROWN vulnerability. It’s one of the biggest vulnerabilities to hit since Heartbleed, potentially impacting a third of all HTTPS websites. By exploiting the obsolete SSLv2 … Continue reading Hundreds of cloud apps still vulnerable to DROWN

DROWN attack sinks security for millions of websites

By Michelle Drolet . 8 Mar 2016

Security researchers reveal new technique to break TLS using SSLv2 server. The war to close down security vulnerabilities is never-ending, but the new “DROWN” vulnerability is one of the biggest to rear its ugly head in recent months. A group of security researchers from a number of different universities and research institutes just unveiled this … Continue reading DROWN attack sinks security for millions of websites

Tags