Security News

Netflix, Dropbox promise not to sue security researchers, with caveats
2018-03-23 20:26

Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the researchers must conduct the...

Netflix Launches Public Bug Bounty Program
2018-03-22 12:42

Netflix announced on Wednesday the launch of a public bug bounty program with rewards of up to $15,000, and Dropbox has made some changes to its vulnerability disclosure policy, promising not to...

Netflix Opens Public Bug Bounty Program with $15K Payout Cap
2018-03-21 22:27

Netflix opens up bug bounty program to all white hat hackers and ups the ante for bugs to as much as $15,000.

Phishers target Netflix users, ask for info and photo of their ID
2018-01-16 16:48

Should you send Netflix a selfie in which you hold your ID card to get your account reinstated? The answer is an emphatic no, but each one of us knows at least one person who would find the...

Artful Netflix-themed phishing campaign can fool many
2017-11-08 17:33

A recently spotted Netflix-themed phishing email campaign is so well crafted that it’s difficult for many less tech-savvy users to spot the scam. Extremely convincing phishing emails The emails,...

Netflix Helps Identify APIs at Risk of Application DDoS Attacks (Security Week)
2017-08-01 16:41

Netflix has published tools and information to help defenders identify systems that could be leveraged by malicious actors for damaging application layer distributed denial-of-service (DDoS)...

Hacker leaks 'Orange is the New Black' Season 5 after Netflix refused to Pay Ransom (The Hackers News)
2017-05-01 02:57

After releasing 10 back-to-back episodes of the Season 5 premiere of Netflix's "Orange Is the New Black," a hacking group calling itself The Dark Overlord is threatening to leak a trove of other...

Netflix’s HTTPS Update Can’t Combat Passive Traffic Analysis Attacks (Threatpost)
2017-04-12 21:04

Academics argue that Netflix's recent upgrade to HTTPS is doing little to protect its users from a passive traffic analysis attack.