Security News > 2020

A total of 146 valid vulnerabilities were reported as part of the second Hack the Army bug bounty program, and more than $275,000 were paid in rewards. The second Army bug bounty program saw participation from 52 hackers from the U.S., Canada, Romania, Portugal, the Netherlands, and Germany.

As business email compromise schemes continue to evolve, some cybercriminals are focusing on accessing companies' financial documents, which provide useful information to support the theft of money, according to a new report from security firm Agari. This case shows that business email compromise scams are becoming more ambitious, with fraudsters using social engineering techniques to steal as many financial documents as possible, according to the report.

There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks. Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.

There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks. Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.

There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks. Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.

A computer security expert says he found that a forensic image of the election server central to a legal battle over the integrity of Georgia elections showed signs that the original server was hacked. Logan Lamb, a security expert for the plaintiffs, said in an affidavit filed in Atlanta federal court on Thursday that he found evidence suggesting the server was compromised in December 2014.

Siemens this week addressed several vulnerabilities and warned customers about the security risks associated with the use of ActiveX in industrial products. ActiveX has been known to pose serious security risks and it's currently only supported by Microsoft on Internet Explorer - ActiveX is not supported by other browsers such as Chrome, Safari or Firefox.

Toronto, Canada-based Security Compass has received additional funding from growth equity investment firm FTV Capital.

Two men have been arrested after Britain's National Crime Agency and its international pals claimed the takedown of breached credentials-reselling website WeLeakInfo. In a statement the agency alleged that credentials from the site were being used in cyber attacks affecting Britain, Germany and America.

Want to know what's in an open source software component before you use it? Microsoft Application Inspector will tell you what it does and spots potentially unwanted features - or backdoors. "At Microsoft, our software engineers use open source software to provide our customers high-quality software and services. Recognizing the inherent risks in trusting open source software, we created a source code analyzer called Microsoft Application Inspector to identify 'interesting' features and metadata, like the use of cryptography, connecting to a remote entity, and the platforms it runs on," Guy Acosta and Michael Scovetta, security program managers at Customer Security and Trust, Microsoft, explained the Inspector's genesis.