HackerOne Fires Employee for Stealing Bug Reports, Collecting Bug Bounties

Bug bounty and vulnerability coordination platform HackerOne has fired an employee for using their position to access customers’ vulnerability data and selling duplicated data back to them to make money.…

Pwn2Own 2022 – Windows 11, MS Teams and Firefox Pwned on Day 1

Other than Windows 11, Microsoft Teams and Mozilla Firefox, Oracle VirtualBox, Ubuntu Desktop, and Safari browser were also hacked on day one of Pwn2Own 2022 in Vancouver. Pwn2Own is a…

“Ethical Hacker” Stole Half a Million in Crypto From Elderly Person

The victim had hired the “ethical hacker” Aaron Daniel Motta to install a security system in their residence. An IT expert and certified ethical hacker, Aaron Daniel Motta, has been…

Most Orgs Would Take Security Bugs Over Ethical Hacking Help

A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old “security by obscurity” ways. Enterprises are putting greater stock in cybersecurity,…

Public Exploit Released for Windows 10 Bug

The vulnerability affects all unpatched Windows 10 versions following a messy Microsoft January update. Security teams might have skipped January’s Patch Tuesday after reports of it breaking servers, but it…

Apple Pays $100.5K Bug Bounty for Mac Webcam Hack

The researcher found that he could gain unauthorized camera access via a shared iCloud document that could also “hack every website you’ve ever visited.” A researcher who showed Apple how…

Organizations Face a ‘Losing Battle’ Against Vulnerabilities

Companies must take more ‘innovative and proactive’ approaches to security in 2022 to combat threats that emerged last year, researchers said. After a banner year for vulnerabilities and cyberattacks in…

Homeland Security Offering $5,000 Bug Bounty to Hack DHS

The program will allow hackers and security researchers to earn between $500 and $5,000 for identifying verified vulnerabilities. The US Department of Homeland Security (DHS) has announced a new bug…

US charges alleged extortionist, HeheStreams operator with demanding $150k from MLB

Written by Jeff Stone, Oct 29, 2021 | CYBERSCOOP

U.S. prosecutors have charged a 30-year-old man with attempting to extort Major League Baseball and broadcasting illegal game streams after he…

U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn

Meanwhile, Zerodium’s quest to buy VPN exploits is problematic, researchers said. The launch of a standing offer to pay for Windows virtual private network (VPN) software zero-day exploits came to…