Security Alerts & News
by Tymoteusz A. Góral

History
#1144 Chrysler launches Detroit’s first ‘bug bounty’ for hackers
When a pair of hackers exposed security flaws a year ago in a Jeep Cherokee, Fiat Chrysler could have responded by trying to keep other hackers away from its products with intimidation or lawsuits. The demo led to a 1.4-million-vehicle recall, after all. But instead, the company is trying a smarter approach: offering to pay for hacks.

On Wednesday the Italian-owned Detroit automaker announced that it will pay “bounties” of as much as $1,500 to security researchers who alert the company to hackable flaws in its software. That makes the company the first major carmaker to officially shell out dollars in exchange for security vulnerability information, a sign of Detroit’s growing awareness of the looming threat of digital attacks on vehicles. “It’s a very big move,” says Casey Ellis, the CEO of Bugcrowd, the firm running Fiat Chrysler’s bug bounty program. “This is basically creating normalcy around the dialogue between hackers and vehicle manufacturers for the purposes of making vehicles safer.”
Read more
#1151 Cisco patches DoS flaw in NCS 6000 routers
#1150 Security software priorities shift from defence to detection and response
#1149 Google hit by fresh European Union anti-trust charges
#1148 Android banking malware blocks victims’ outgoing calls to customer service
#1147 The FBI says its malware isn’t malware because the FBI is good
#1146 Popular Android, iPhone stocks app leaks your trading activities
#1145 Mozilla begins process of letting Firefox rust
#1144 Chrysler launches Detroit’s first ‘bug bounty’ for hackers
#1143 Cisco Jasper will help us solve the IoT data-delivery problem
#1142 Drupal patches remote code execution vulnerabilities in three modules
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12