Google paid $10 million in bug bounty rewards last year
Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in the company’s products and services.…
Category: Bleeping Computer
Tor’s new WebTunnel bridges mimic HTTPS traffic to evade censorship
The Tor Project officially introduced WebTunnel, a new bridge type specifically designed to help bypass censorship targeting the Tor network by hiding connections in plain…
Over 12 million auth secrets and keys leaked on GitHub in 2023
GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after…
Equilend warns employees their data was stolen by ransomware gang
New York-based securities lending platform EquiLend Holdings confirmed in data breach notification letters sent to employees that their data was stolen in a January ransomware…
Microsoft says Windows 10 21H2 support is ending in June
Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service.…
Tuta Mail adds new quantum-resistant encryption to protect email
Tuta Mail has announced TutaCrypt, a new post-quantum encryption protocol to secure communications from powerful and anticipated decryption attacks. Tuta Mail is an open-source end-to-end encrypted email…
Okta says data leaked on hacking forum not from its systems
Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum.…
Researchers expose Microsoft SCCM misconfigs usable in cyberattacks
Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft’s Configuration Manager, which could allow an…
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware
Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. However,…
Fake Leather wallet app on Apple App Store is a crypto drainer
The developers of the Leather cryptocurrency wallet are warning of a fake app on the Apple App Store, with users reporting it is a wallet…
YouTube stops recommending videos when signed out of Google
YouTube is no longer showing recommended videos to users logged out of a Google account or using Incognito mode, making people concerned they are being…
Magnet Goblin hackers use 1-day flaws to drop custom Linux malware
Image: Midjourney A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and…