vulnerability
Etsy starts its own bug bounty program
Etsy, the popular online marketplace for handcrafted and vintage goods, has announced its own bug bounty program, which will reward researchers with money and goods for …
Oracle confirms existence of another critical Java flaw
When Oracle finally patched the CVE-2012-4681 Java 0-day that was being actively exploited in the wild, Polish firm Security Explorations immediately piped up to say they …
Oracle patches Java 0-day, researchers say there’s another one
Oracle has finally issued an update for Java 7 (v 1.7.0_07) which solves the problem of the CVE-2012-4681 vulnerability (which actually consists of two distinct flaws). The …
Java 0-day exploit added to Blackhole kit, still no news about patch
The recently discovered Java zero-day flaw that has been spotted being used in limited targeted attacks in the wild has created quite a stir. A module that exploits the …
Google announces $2 milion in prizes for Pwnium 2
Following the announcement that it will be upping the monetary rewards given to security researchers that responsibly disclose Chromium vulnerabilities, Google has announced …
Google ups prizes in Chromium bug bounty program
Since a vulnerability rewards program for open source web browser project Chromium was instituted in early 2010, many vulnerabilities have been found and dealt with, and …
Critical vulnerabilities in popular DDoS toolkit exposed
Prolexic Technologies exposed weaknesses in the command and control (C&C) architecture of the Dirt Jumper DDoS Toolkit family that could neutralize would-be attackers. …
Vulnerability disclosure framework for industrial control systems
The Industrial Control Systems Joint Working Group (ICSJWG) published “The Industrial Control Systems Common Vulnerability Disclosure Framework”, which is a …
Is Ubisoft’s DRM browser plugin a rootkit?
An offhand remark made by Google engineer Tavis Ormandy to a post on the Full Disclosure mailing list has sparked anger in the harts of Ubisoft users, as he shared his …
Facebook invites white hats to attack its corporate network
Nearly a year ago, Facebook introduced its bug bounty program, inviting security researchers to poke around the site, discover vulnerabilities that could compromise the …
Scan Android for unpatched vulnerabilities
X-Ray scans your Android device to determine whether there are vulnerabilities that remain unpatched by your carrier. The X-Ray app presents you with a list of vulnerabilities …
Detecting mobile device vulnerabilities using Nessus
This video by Paul Asadoorian shows you how to enable and use the Nessus plugins which identify mobile devices and vulnerabilities from your MDM (Mobile Device Management) servers.