A few companies pay money to bug hunters. But Facebook is giving out something more unique than just a check. Some security researchers are getting a customized “White Hat Bug Bounty Program” Visa debit card. The researchers, who can make thousands of dollars for reporting just one security hole on the social-networking site, can use […]
Continue ReadingAfter 32 raids across Italy (and one in Switzerland), 15 alleged members of Anonymous have been arrested. The detainees, aged between 15 and 28 with five under 18, have been accused of performing denial of service attacks on Italian Web sites belonging to the government, and on both state and private broadcasters. The Italian authorities […]
Continue ReadingOver the weekend, LulzSec has seemingly finally moved away from being in it “for the lulz” and has acquired a cause: it has announced it has teamed up with Anonymous and other “affiliated battleships” and that it is launching “Operation Anti-Security”. “Top priority is to steal and leak any classified government information, including email spools […]
Continue ReadingSymantec Exposed Passwords, Serials – SQL Injection, Full Database Access A self-proclaimed grey-hat hacker has located a critical SQL injection vulnerability in a website belonging to security giant Symantec. The flaw can be leveraged to extract a wealth of information from the database including customer and admin login credentials, product serial numbers, and possibly credit […]
Continue ReadingHow I cross-site scripted Twitter in 15 minutes, and why you shouldn’t store important data on 37signals’ applications “Today the Ruby on Rails security team released a patch for a cross-site scripting issue which affected multiple high-profile applications, including Twitter and Basecamp. If you’re concerned about the issue and would like to see the patch, […]
Continue ReadingWASHINGTON – Wanted: Computer hackers. Federal authorities aren’t looking to prosecute them, but to pay them to secure the nation’s networks. General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could “think like the bad guy.” Applicants, it said, must understand hackers’ tools and […]
Continue Reading