The United States Department of Homeland Security (DHS) this week announced the launch of a bug bounty program focused on identifying vulnerabilities in its systems.
Industry Reactions to Log4Shell Vulnerability
The widely used Log4j logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including profit-driven cybercriminals and state-sponsored groups.
Facebook Will Reward Researchers for Reporting Scraping Bugs
Facebook Paid Out $2.3 Million in Bug Bounties in 2021
Social media giant Facebook today announced that it is expanding its bug bounty and data bounty programs to reward security researchers for reporting scraping vulnerabilities and databases.
Microsoft Spots Multiple Nation-State APTs Exploiting Log4j Flaw
If defenders needed any more urgency to patch and mitigate the explosive Log4j zero-day, along comes word that APT actors linked to China, Iran, North Korea and Turkey have already pounced and are actively exploiting the CVSS 10.0 vulnerability.
Investors Bet Big on Cloud Security Startups Ermetic, Dazz
Venture capital investors are continuing to bet big on cloud security technologies with two early-stage startups announcing a combined $130 million in funding for products to help businesses secure cloud deployments.
VMware Patches Critical Flaw in Workspace ONE UEM Console
VMware on Thursday announced the release of patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console.
Google Says NSO Pegasus Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’
Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations.
Corellium Lands $25 Million Investment for Virtualization Tech
Fresh off a high-profile legal triumph over Apple, virtualization technology startup Corellium is now enjoying the attention of investors with Paladin Capital Group leading a $25 million funding round.
MobileIron Users Targeted in Log4Shell Attacks as Exploit Activity Surges
Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird
Mozilla this week released security updates for the Firefox browser and Thunderbird mail client to address multiple vulnerabilities, including several bugs rated high severity.











