Sat.Oct 28, 2023

article thumbnail

Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023

Security Affairs

The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,250 for 58 unique 0-days. The Team Viettel ( @vcslab ) won the Master of Pwn with $180K and 30 points. The vulnerabilities exploited by the experts have been disclosed to the vendors, the ZDI gives them 90 days to address these flaws.

Hacking 144
article thumbnail

HackerOne paid ethical hackers over $300 million in bug bounties

Bleeping Computer

HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. [.

124
124
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service

The Hacker News

New findings have shed light on what's said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany.

article thumbnail

Malvertising via Dynamic Search Ads delivers malware bonanza

Malwarebytes

Most, if not all malvertising incidents result from a threat actor either injecting code within an existing ad, or intentionally creating one. Today, we look at a different scenario where, as strange as that may sound, malvertising was entirely accidental. The reason this happened was due to the combination of two separate factors: a compromised website and Google Dynamic Search Ads.

Malware 108
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Hackers email stolen student data to parents of Nevada school district

Bleeping Computer

The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach, as hackers email parents their children's' data that was allegedly stolen during a recent cyberattack. [.

article thumbnail

This Cryptomining Tool Is Stealing Secrets

WIRED Threat Level

Plus: Details emerge of a US government social media-scanning tool that flags “derogatory” speech, and researchers find vulnerabilities in the global mobile communications network.

Mobile 89