Bug bounty program startup HackerOne Inc. has suffered a security breach after accidentally giving a researcher the ability to read and modify some of its bug reports. The incident occurred because an analyst at Hackerone who was corresponding with the researcher provided a cURL command that mistakenly included a valid session cookie. That gave anyone ...

Apple Inc., a company that prides itself on customer privacy, has been caught out after it was discovered that the current model iPhone 11 Pro continues to share a location data even when the feature has been turned off. The unauthorized data sharing was discovered Tuesday by security researcher Brian Krebs, who found that the phones send location ...

Israeli cybersecurity startup Panorays Ltd today said it has raised $15 million in new funding to expand its marketing and sales initiatives as well as to do more research and development. The Series A round was led by Oak HC/FT and included previous investors Aleph VC and Lane Bess, the former chief executive officer of Palo Alto ...

Financial management and human capital management software firm Workday Inc. topped Wall Street estimates for another quarter thanks to strong subscription revenue growth. The company booked total revenue of $938.1 million in the third quarter, up 26% over the same quarter of 2018, with subscription revenue coming in at $798.5 million, up 28%. Workdays’ operating loss marginally ...

Salesforce.com Inc. beat market analysts’ predictions for the second straight quarter, but disappointing guidance caused its stock price to drop slightly in after-hours trading. For the quarter ended Oct. 31, Salesforce reported revenue of $4.5 billion, up 33% from the same quarter of 2018. Analysts had predicted a figure of $4.46 billion. Subscription and support ...

Amazon Web Services Inc. today announced three new security-related products at its annual AWS re:Invent conference today in Las Vegas, all aimed at providing new services and capabilities for its customers to “operate securely.” Leading the announcements is the long-rumored Amazon Detective. The new service has been designed to make it easier for AWS customers ...

McAfee LLC today announced it’s adding support for the new Amazon Detective cloud security service as part of its McAfee MVISION Cloud for Amazon Web Services to provide customers with better incident detection and remediation. Amazon Detective, announced by Amazon Web Services Inc. at the AWS re:Invent conference in Las Vegas running this week, uses artificial ...

Cloud-based encryption software company StrongSalt today announced its Open Privacy application programming interface for searching and sharing encrypted data in cloud services and enterprise applications. The company’s first major announcement since it raised $3 million in seed funding in September, the API has been designed to allow searching and use of encrypted data without the need for ...

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has released a draft version of a directive that would require federal agencies to establish vulnerability disclosure policies. The draft Binding Operational Directive 20-01 has been designed to address an environment that delays or discourages the public from reporting potential information security problems to the ...

Private data including tens of millions of SMS text messages linked to communication company TrueDialog have been found exposed online putting data related to millions of Americans at risk. Found and publicized today by security researchers at vpnMentor, the breach involved an unsecured Oracle Marketing Cloud database exposed on Microsoft Azure. The 604 gigabytes of data in the database ...