On the IoT road: perks, benefits and security of moving smartly

This year, we decided to continue our tradition of small-scale experiments with security of connected devices but focused on the automotive-related topic. We randomly took several different automotive connected devices (a couple of auto scanners, a dashboard camera, a GPS tracker, a smart alarm system, a pressure and temperature monitoring system) and reviewed their security setup.

July 22, 2019
Read More >>

BlackBerry Cylance Downplays, Patches Antivirus Bypass

BlackBerry Cylance has prepared an update for its CylancePROTECT product to address a recently disclosed bypass method, but the company has downplayed the impact of the issue. Australia-based cybersecurity firm Skylight reported last week that its researchers had found a way to trick Cylance’s AI-based antivirus engine into classifying malicious files as benign. They discovered what they described as a universal bypass method that involved taking strings from a certain…

July 22, 2019
Read More >>

Microsoft Launches Bug Bounty Program for Dynamics 365

Microsoft this week announced the launch of a new bug bounty program for its Dynamics 365 enterprise resource planning (ERP) and customer relationship management (CRM) applications. The company has invited both independent researchers and organizations to find vulnerabilities in Dynamics 365 online applications and on-premises products. Rewards range between $500 and $20,000, but Microsoft says higher amounts may also be awarded depending on impact, severity and quality of the vulnerability…

July 19, 2019
Read More >>

Google Increases Bug Bounty Program Rewards

Google on Thursday informed security researchers that they can now earn significantly higher rewards if they submit vulnerability reports through the company’s bug bounty programs. According to the tech giant, over 8,500 security bug reports have been received since the launch of its Chrome Vulnerability Rewards Program in 2010, and more than $5 million have been paid out to researchers. The company has now decided to increase rewards across the…

July 19, 2019
Read More >>

Researchers Claim They Bypassed Cylance’s AI-Based Antivirus

Researchers at Australia-based cybersecurity firm Skylight claim to have found a way to trick Cylance’s AI-based antivirus engine into classifying malicious files as benign. Cylance, which last year was acquired by BlackBerry and is now called BlackBerry Cylance, told SecurityWeek it has launched an investigation to determine if the researchers’ findings are valid or if their method works as a result of a misconfiguration of the product. Artificial intelligence and…

July 19, 2019
Read More >>