A 17-year-old German student contends PayPal has denied him a reward for finding a vulnerability in its website.Robert Kugler said he notified PayPal of the vulnerability on May 19. He
said he was informed by email that because he is under 18 years old, he
did not qualify for its Bug Bounty Program.
Many companies such as Google and Facebook have reward programs. The
programs are intended to create an incentive for website users to report
problems and create fixes before hackers can take advantage.
Google pays from $100 up to $20,000 depending on the severity of the
issue and Facebook pays a minimum of $500 for qualifying bugs. Neither
company has age restrictions listed on their websites.
Australian Broadcasting Corp. television reported that
the plans for the 630 million Australian dollar ($608 million)
Australian Security Intelligence Organization building in Canberra had been stolen
through a cyberattack on a building contractor.
Australian officials refused to confirm or deny whether
Chinese hackers had stolen the blueprints of a new spy agency
headquarters as a news report claims.
According to ABC's Four corners the blueprints setting out the building's cable layouts and
security systems had been illegally accessed by a server in China.
Under this hacking operations the Prime Minster's Office, the Defence Ministry and the Department of Foreign Affairs had been breached.
The biggest story in malware right now is mobile malware. The shift from traditional mobile phones that simply made phone calls to smartphones containing gigabytes of data has made the
pocket-sized computers a prime target for attackers.
There was a 32 percent increase in the number of documented vulnerabilities for mobile operating systems and, not surprisingly, a 58 percent increase in mobile malware and
Android smartphones and tablets are the hottest targets.
Virtually all mobile malware samples detected are intended for Android, ranging from malware that sends out SMS messages, or fraudulent SMS payments, mobile botnets, spyware, and Trojans that can capture or destroy data from Android devices.
There has been biggest spike in malware samples detected in four years, and the growing threat faced by mobile devices—particularly Android mobile devices.
Nmap ("Network Mapper") is a free and open source utility for network
exploration or security auditing. Many systems and network
administrators also find it useful for tasks such as network inventory,
managing service upgrade schedules, and monitoring host or service
uptime. Nmap uses raw IP packets in novel ways to determine what hosts
are available on the network, what services (application name and
version) those hosts are offering, what operating systems (and OS
versions) they are running, what type of packet filters/firewalls are in
use, and dozens of other characteristics.
- Host discovery - Identify hosts on a network.
- Port scanning - Enumerate the open ports on one or more target hosts.
- Version
detection - Interrogate network services listening on remote devices to
determine the application name and version number.
- OS detection - Remotely determine the operating system and some hardware characteristics of network devices.
- Scriptable interaction with the target - Using Nmap Scripting Engine and the Lua language, customized queries can be made.
- Reverse DNS lookup.
- Find device type information.
- Retrieve MAC addresses and many more.
Topera is a brand new TCP port scanner under IPv6, with
the particularity that these scans are not detected by Snort. Snort is
the most known IDS/IPS and is widely used in many different critical
environments. Some commercial tools (Juniper or Checkpoint ones) use it
as detection engine also. Mocking snort detection capabilities could
suppose a high risk in some cases.
Fixed some bugs: - Get local IPv6 address - Get local ethernet interface - sniffer packet counter - Some minor fixes.
You can see an example of execution of Topera in link below demo video.
Download Topera IPv6 port scanner.
