Google Paid Out $10 Million via Bug Bounty Programs in 2023
Google on Tuesday announced that it paid out a total of $10 million through its bug bounty programs in 2023, bringing the total amount awarded by the tech giant for vulnerabilities found in its products since 2010 to $59 million. The total paid out in 2023 is less than the $12 million handed out in 2022, but it’s still a significant amount. The money was earned last year by 632 researchers from 68 countries. The highest single reward was $113,337.
·securityweek.com·
Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit.
UK-based cybersecurity firm Sophos this week announced patches for an exploited vulnerability in Firewall versions that have reached End-of-Life (EOL). The critical-severity flaw, tracked as CVE-2022-3236, was found to impact versions 19.0 MR1 (19.0.1) and older of the product. It was originally patched in September 2022, but only in supported versions of Sophos Firewall. Sophos describes the security defect as a code injection issue in the Firewall’s User Portal and Webadmin components, allowing attackers to achieve remote code execution (RCE).
·securityweek.com·
BlackLotus UEFI Bootkit Source Code Leaked on GitHub
The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware. Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.
·securityweek.com·
TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant
The LockBit ransomware group claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC), but the chip giant says only one of its suppliers was breached. The notorious cybercrime group announced on Thursday on its website that it targeted TSMC, suggesting — based on the $70 million ransom demand — that it has stolen vast amounts of sensitive information. The victim was initially given seven days to respond, but the deadline has been extended to August 6 at the time of writing.
·securityweek.com·