Bug Bounties

RoboJoe, Apple, VMWARE, AI, Confluence, Scarcruft, Microsoft, Jason Wood, and More – SWN #356

January 23, 2024

RoboJoe, Apple, VMWARE, AI Vision, Confluence, Scarcruft, Microsoft, Jason Wood, and more on this Edition of the Security Weekly News.

Bug Bounties

Hacker Heroes – Casey Ellis – PSW Vault

January 3, 2024

Unleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd. ️Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolution...

Vulnerability Management

Cybertruck, Okta, Google, Black Basta, Zoom, Unitronics, Aaran Leyland, and More – SWN #345

December 1, 2023

Cybertruck, Okta, Google and More Google, Black Basta, Zoom, Unitronics, Aaran Leyland, and More News on the Security Weekly News.

Sign in Zoom app on laptop screen close up view

Bug Bounties

Zoom flaw enabled hijacking of accounts with access to meetings, team chat

Laura FrenchNovember 30, 2023

Ethical hackers at AppOmni claimed a $5,000 bug bounty for discovering the Zoom Rooms vulnerability, disclosed at a conference last summer.

Bug Bounties

Microsoft bounty programs hand out $63M over a decade

SC StaffNovember 22, 2023

Microsoft has given $63 million in rewards to bug bounty program participants since its first program for reports on Windows 8.1 exploitation methods and Internet Explorer 11 preview flaws in 2013, with $60 million of the bounty paid during the last five years alone, reports SecurityWeek.

Vulnerability Management

Microsoft, SeroxenRAT, Smart Links, ToddyCAT, ShellBot, More News & Aaran Leyland – SWN #333

October 13, 2023

This week Dr. Doug talks: Microsoft, SeroxenRAT, Smart Links, Vogons, ToddyCAT, ShellBot, Hidden servers, Aaran Leyland, and More on the Security Weekly News!

Malware

Fake Dead Grandma’s, No Flipper Zero, Looney Tunables, & $20 Mil For Zero Days – PSW #801

October 4, 2023

In the Security News: No Flipper Zero for you!, your glibc is hanging out and other Looney Tunables, and it vulnerable, for no reasons, other than the obvious ones, a Russian firm will pay $20m for Android or iPhone 0days, you do what you do and other Exim vulnerability stories, yet another way to become root on Linux, if you ever wanted to read th...

Application security

A Deceptive Dependabot, Insecure JWT, CISA Wants HBOMs, OpenSSF’s Critical Projects – ASW #257

October 2, 2023

Attackers impersonate Dependabot commits, an alg of "none" plagues a JWT, CISA calls for hardware bills of materials, OpenSSF lists its critical projects, Exim (finally! maybe?) has some patches, bug bounties and open source projects, and more!

Bug Bounties

RoboJoe, Apple, VMWARE, AI, Confluence, Scarcruft, Microsoft, Jason Wood, and More – SWN #356

Hacker Heroes – Casey Ellis – PSW Vault

Cybertruck, Okta, Google, Black Basta, Zoom, Unitronics, Aaran Leyland, and More – SWN #345

Zoom flaw enabled hijacking of accounts with access to meetings, team chat

Microsoft bounty programs hand out $63M over a decade

Microsoft, SeroxenRAT, Smart Links, ToddyCAT, ShellBot, More News & Aaran Leyland – SWN #333

Fake Dead Grandma’s, No Flipper Zero, Looney Tunables, & $20 Mil For Zero Days – PSW #801

A Deceptive Dependabot, Insecure JWT, CISA Wants HBOMs, OpenSSF’s Critical Projects – ASW #257

Fast Five

Selected by the SC Media Editorial team every Tuesday.