NSO zero-click iMessage exploit hacks iPhone without need to click links

The IT security researchers at Google have declared the NSO zero-click iMessage exploit as “Terrifying.” Google Project Zero’s (GPZ) Ian Beer and Samuel Groß have shared details on a new…

CISA, White House urge organizations to get ready for holiday cyberattacks

The Cybersecurity and Infrastructure Security Agency and the White House have released warnings to companies and organizations across the country, urging them to be on alert for cyberattacks ahead of…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

Homeland Security Offering $5,000 Bug Bounty to Hack DHS

The program will allow hackers and security researchers to earn between $500 to $5,000 for identifying verified vulnerabilities. The US Department of Homeland Security (DHS) has announced a new bug…

Google: This zero-click iPhone attack was incredible and terrifying

Google has explained how surveillance company NSO Group developed an exploit that would allow users of its software to gain access to an iPhone and install spyware – without a…

Relentless Log4j Attacks Include State Actors, Possible Worm

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already targeted…

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has…

DHS Launches Bug Bounty Program

DHS Launches Bug Bounty Program The United States Department of Homeland Security has launched a new bug bounty program to identify potential cybersecurity vulnerabilities and increase the department’s cybersecurity resilience. …

Meta targets user information, database scraping in bug bounty expansion

Meta has announced an expansion to its bug bounty platform to include vulnerabilities that can be abused for data scraping.  On Wednesday, the company – recently rebranded from Facebook –…

New “Hack DHS” program will pay up to $5,000 for discovered vulnerabilities

The US Department of Homeland Security is launching its own bug bounty program to help find and correct gaps in its systems.  more coverage The new “Hack DHS” program was…