Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons

Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser.
The proposed change is set to be rolled out in two phases as part of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification calledGoogle Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser.
The proposed change is set to be rolled out in two phases as part of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification calledRead More

Britse politie toont waarschuwing aan scholieren die naar ddos-diensten zoeken

De Britse politie is in samenwerking met een internetprovider voor onderwijsinstellingen een nieuw initiatief gestart waarbij …De Britse politie is in samenwerking met een internetprovider voor onderwijsinstellingen een nieuw initiatief gestart waarbij …Read More

An Examination of the Bug Bounty Marketplace

Here’s a fascinating report: “Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary:

…researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs­ — programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.

Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty platforms — ­the new intermediaries that now structure the vast majority of bounty work. The report draws directly from interviews with hackers, who recount that bounty programs seem willing to integrate a diverse workforce in their practices, but only on terms that deny them the job security and access enjoyed by core security workforces. These inequities go far beyond the difference experienced by temporary and permanent employees at companies such as Google and Apple, contend the authors. The global bug bounty workforce is doing piecework — they are paid for each bug, and the conditions under which a bug is paid vary greatly from one company to the next.

Here’s a fascinating report: “Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary:
…researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs­ — programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.
Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty …Read More

Apache Software Foundation waarschuwt voor gebruik end-of-life software

Gebruikers van Apache-software worden nog altijd aangevallen omdat ze van niet meer ondersteunde software gebruikmaken. Dit is …Gebruikers van Apache-software worden nog altijd aangevallen omdat ze van niet meer ondersteunde software gebruikmaken. Dit is …Read More

ABN Amro gaat schade bij bankhelpdeskfraude toch vergoeden

ABN Amro gaat klanten die het slachtoffer van bankhelpdeskfraude worden en daarbij hun pinpas afgegeven toch vergoeden. Ook …ABN Amro gaat klanten die het slachtoffer van bankhelpdeskfraude worden en daarbij hun pinpas afgegeven toch vergoeden. Ook …Read More

Acht verdachten achter REvil-ransomwaregroep aangeklaagd in Rusland

De Russische autoriteiten hebben acht personen aangeklaagd die vorige week werden aangehouden op verdenking van deelname aan de …De Russische autoriteiten hebben acht personen aangeklaagd die vorige week werden aangehouden op verdenking van deelname aan de …Read More

Betaalvereniging Nederland meldt lichte stijging van contante betalingen

Het aantal contante betalingen in onder andere winkels is vorig jaar licht gestegen ten opzichte van 2020, zo meldt …Het aantal contante betalingen in onder andere winkels is vorig jaar licht gestegen ten opzichte van 2020, zo meldt …Read More