SEARCH
New Tactics Emerge as Phishing Evolves
Recent phishing campaigns uncovered by Microsoft are using custom 404 error pages and search result poisoning to fool victims.
Time, Not Money, Kills Bugs
The measure of a bug bounty program's success is not how much researchers were paid, but how the organization handled the volume of new reports. GitLab's James Ritchey share some of the lessons learned in the company's first year of the public bug bounty program.
Mozilla to Require 2FA for Add-On Developers
Mozilla will soon require add-on developers to enable 2FA for their accounts in an effort to defeat supply chain attacks.
Microsoft Fixes Windows Bug Under Active Attack
Microsoft patched CVE-2019-1458 in Windows, a privilege escalation bug that is being used in active attacks.
Maze Turns Ransomware Incidents into Data Breaches
Maze ransomware, which infected Pensacola, Florida, exfiltrates the data to a remote server before encrypting the local copies in order to force victims to pay the ransom. The group threatens to publicly release the files if the victims don't pay.