Security

If you're a security expert and fond of traveling, United Airlines' new bug bounty program will likely be of interest.

Companies such as Google, Microsoft and Facebook offer monetary rewards to outside researchers who discover and disclose security flaws. Now, United has started a similar program, but, in keeping with the company's services, has chosen to offer air miles as rewards.

Earlier this week, Starbucks customers reported that hundreds of dollars were stolen from their credit cards. The Starbucks mobile app lets customers pay at checkout with their phone. The app can also reload Starbucks gift cards by automatically drawing funds from bank account, credit card or Pay Pal.

Traditional home security cameras are valuable, but they also yield hour after hour of footage owners have to wade through when they're looking for specific information. Oregon-based Flir says it has the solution to that problem. Its new FX Wi-Fi camera uses intelligent motion tracking to create a simultaneous replay of everything it has captured throughout the day so that users can easily review that footage in just minutes.

The just-patched critical vulnerability in widely used virtualization software is an ideal exploitation target for state-sponsored spies and criminals alike fishing for passwords, cryptography keys, or bitcoins, a researcher who has dissected one of the fixes said.

Venom (Virtualized Environment Neglected Operations Manipulation), the recently discovered security hole in the open-source QEMU virtual machine hypervisor, has been fixed.

That's the good news. The bad news is many of you, even though you may use a QEMU-based hypervisor on your server or for your cloud, think you've nothing to worry about. You do.

Continuing digitisation of goods and services, combined with the further development of mobile, including wearables, and the so-called internet of things, will see the annual cost of cyber-crime and security breaches reach $2.1 trillion (£1.3 trillion) in just four years, according to Juniper Research.

Starbucks customers are reporting that hundreds of dollars have been stolen from their credit cards after receiving emails saying the passwords and login details for the coffee company's mobile app had been reset.

While details of exactly how the attacks are taking place are still unclear, it appears that credentials leaked in previous cyberattacks could be used to allow hackers to siphon off money from Starbucks's customers.

 CrowdStrike researchers announced this morning that they have discovered a buffer overflow vulnerability in many of today's most popular virtual machine platforms that could potentially allow hackers access to the host.

They named the vulnerability VENOM -- Virtualized Environment Neglected Operations Manipulation -- because it takes advantage of long-neglected code, the virtual floppy disk controller.

The US government's prosecution of a South Korean businessman accused of illegally selling technology used in aircraft and missiles to Iran was dealt a devastating blow by a federal judge. The judge ruled Friday that the authorities illegally seized the businessman's computer at Los Angeles International Airport as he was to board a flight home.

A critical vulnerability in MacKeeper, a controversial security program for Mac computers, could let attackers execute malicious commands on Macs when their owners visit specially crafted Web pages.

MacKeeper’s developers acknowledged the recently discovered problem and released a fix for it Friday, saying in a blog post that users should run MacKeeper Update Tracker and install version 3.4.1 or later.