Microsoft Corp said on on Tuesday it is paying a well-known hacking expert more than US$100,000 for finding security holes in its software, one of the largest such bounties awarded to date by a high-tech company.
The software maker also released a much anticipated update to Internet Explorer, which it said fixes a bug that made users of the world’s most popular browser vulnerable to remote attack.
James Forshaw, who heads vulnerability research at London-based security consulting firm Context Information Security, won Microsoft’s first US$100,000 bounty for identifying a new “exploitation technique” in Windows, which will allow it to develop defenses against an entire class of attacks, the software maker said on Tuesday.
Forshaw earned another US$9,400 for identifying security bugs in a preview release of Microsoft’s Internet Explorer 11 browser, Microsoft Security Response Center senior security strategist Katie Moussouris said in a blog.
Microsoft unveiled the reward programs four months ago to bolster efforts to prevent sophisticated attackers from subverting new security technologies in its software, which runs on the vast majority of the world’s personal computers.
Forshaw has been credited with identifying several dozen software security bugs. He was awarded a large bounty from Hewlett-Packard Co for identifying a way to “pwn,” or take ownership of, Oracle Corp’s Java software in a high-profile contest known as Pwn2Own.
Microsoft also released an automatic update to Internet Explorer on Tuesday afternoon to fix a security bug that it first disclosed last month.
Researchers say hackers initially exploited that flaw to launch attacks on companies in Asia in an operation that the cybersecurity firm FireEye has dubbed DeputyDog.
Marc Maiffret, chief technology officer of the cybersecurity firm BeyondTrust, said the vulnerability was later more broadly used after Microsoft’s disclosure of the issue brought it to the attention of cyber criminals.
He is advising computer users to immediately install the update to Internet Explorer, if they do not have their PCs already set to automatically download updates.
That vulnerability in Internet Explorer was known as a “zero-day” because Microsoft, the targeted software maker, had zero days notice to fix the hole when the initial attacks exploiting the bug were discovered.
In an active, underground market for “zero day” vulnerabilities, criminal groups and governments sometimes pay US$1 million or more to hackers who identify such bugs.
Among the rows of vibrators, rubber torsos and leather harnesses at a Chinese sex toys exhibition in Shanghai this weekend, the beginnings of an artificial intelligence (AI)-driven shift in the industry quietly pulsed. China manufactures about 70 percent of the world’s sex toys, most of it the “hardware” on display at the fair — whether that be technicolor tentacled dildos or hyper-realistic personalized silicone dolls. Yet smart toys have been rising in popularity for some time. Many major European and US brands already offer tech-enhanced products that can enable long-distance love, monitor well-being and even bring people one step closer to
Malaysia’s leader yesterday announced plans to build a massive semiconductor design park, aiming to boost the Southeast Asian nation’s role in the global chip industry. A prominent player in the semiconductor industry for decades, Malaysia accounts for an estimated 13 percent of global back-end manufacturing, according to German tech giant Bosch. Now it wants to go beyond production and emerge as a chip design powerhouse too, Malaysian Prime Minister Anwar Ibrahim said. “I am pleased to announce the largest IC (integrated circuit) Design Park in Southeast Asia, that will house world-class anchor tenants and collaborate with global companies such as Arm [Holdings PLC],”
Sales in the retail, and food and beverage sectors last month continued to rise, increasing 0.7 percent and 13.6 percent respectively from a year earlier, setting record highs for the month of March, the Ministry of Economic Affairs said yesterday. Sales in the wholesale sector also grew last month by 4.6 annually, mainly due to the business opportunities for emerging applications related to artificial intelligence (AI) and high-performance computing technologies, the ministry said in a report. The ministry forecast that retail, and food and beverage sales this month would retain their growth momentum as the former would benefit from Tomb Sweeping Day
Thousands of parents in Singapore are furious after a Cordlife Group Ltd (康盛人生集團), a major operator of cord blood banks in Asia, irreparably damaged their children’s samples through improper handling, with some now pursuing legal action. The ongoing case, one of the worst to hit the largely untested industry, has renewed concerns over companies marketing themselves to anxious parents with mostly unproven assurances. This has implications across the region, given Cordlife’s operations in Hong Kong, Macau, Indonesia, the Philippines and India. The parents paid for years to have their infants’ cord blood stored, with the understanding that the stem cells they contained