Recent Security News
-
Microsoft’s bug bounty turns 10. Are these kinds of rewards making code more secure?
November 22, 2023 at 06:02AM Microsoft’s bug bounty program, which pays out rewards to security researchers who discover vulnerabilities, has awarded a total of $63 million over the past decade. The program has experienced explosive growth since 2018, with Microsoft doubling the number of bounty reports, program participants, and awards. Despite this, bug bounty platforms…
-
ClearFake Campaign Expands to Deliver Atomic Stealer on Macs Systems
November 22, 2023 at 02:24AM The macOS information stealer, Atomic, is now being distributed through a malicious web browser update chain called ClearFake. This marks the first time a social engineering campaign intended for Windows has expanded to macOS. Atomic Stealer is a commercial malware that steals data from web browsers and cryptocurrency wallets. ClearFake…
-
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
November 22, 2023 at 12:36AM LockBit ransomware affiliates are actively exploiting a critical security flaw in Citrix NetScaler appliances to gain initial access to target environments. The flaw, known as Citrix Bleed, allows threat actors to bypass password requirements and multifactor authentication, enabling session hijacking and unauthorized access to data. The vulnerability, tracked as CVE-2023-4966,…
-
Binance and CEO admit financial crimes, billions coughed up to US govt
November 21, 2023 at 08:11PM Binance, the world’s largest cryptocurrency exchange, and its CEO Changpeng Zhao have pleaded guilty to multiple financial crimes. As a result, Binance will pay $10 billion in fines and settlements to the US Department of Justice. The crimes include failure to register as a money services business, violating anti-money laundering…