TechCrunch has just reported that Yahoo has paid bug hunters $700,000 in rewards during the Bug Bounty Program’s first year. The program is a reaction to the security community’s complaints that the company was taking advantage of researchers by paying them a mere $12.50 in company vouchers for finding weaknesses in Yahoo’s products. In an attempt […]

According to Georgia Tech research, the simply by using clever javascript, Chrome on Android can be caused to leak address information. The research team will be presenting their findings at Black Hat USA 2014 where they will demonstrate their findings. You can read the EurekAlert write up of this here.

Google security engineer Tavis Ormandy has recently uncovered a vulnerability in Microsoft’s malware protection engine. This hole allows attackers to create a file that the products would scan and due to this scan, become disabled. Details on the contents of these malicious files hasn’t been disclosed but Ormandy hinted that the vulnerability involves the JavaScript Interpreter. An […]

If you don’t yet know what HeartBleed is you can read about it here. It is a vulnerability in the OpenSSL cryptography library that allows hackers to gain access to a computer or server’s data. Now hackers are exploiting this in a scheme to trick people into downloading and installing malicious software, as reported by […]