Failure to patch known ImageMagick flaw for months costs Facebook $40k

Facebook paid a US$40,000 reward to a researcher after he warned the company that its servers were vulnerable to an exploit called ImageTragick. ImageMagick is a command-line tool that can resize, convert and optimize images in many formats. Facebook paid Andrey Leonov a $40,00 bounty, one of the largest rewards it has paid for a single vulnerability report. The company patched the flaw three days after the researcher reported it to Facebook on Oct. 16.”]

Source: https://www.csoonline.com/article/3158697/failure-to-patch-known-imagemagick-flaw-for-months-costs-facebook-40k.html

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text