Microsoft Corp said on on Tuesday it is paying a well-known hacking expert more than US$100,000 for finding security holes in its software, one of the largest such bounties awarded to date by a high-tech company.
The software maker also released a much anticipated update to Internet Explorer, which it said fixes a bug that made users of the world’s most popular browser vulnerable to remote attack.
James Forshaw, who heads vulnerability research at London-based security consulting firm Context Information Security, won Microsoft’s first US$100,000 bounty for identifying a new “exploitation technique” in Windows, which will allow it to develop defenses against an entire class of attacks, the software maker said on Tuesday.
Forshaw earned another US$9,400 for identifying security bugs in a preview release of Microsoft’s Internet Explorer 11 browser, Microsoft Security Response Center senior security strategist Katie Moussouris said in a blog.
Microsoft unveiled the reward programs four months ago to bolster efforts to prevent sophisticated attackers from subverting new security technologies in its software, which runs on the vast majority of the world’s personal computers.
Forshaw has been credited with identifying several dozen software security bugs. He was awarded a large bounty from Hewlett-Packard Co for identifying a way to “pwn,” or take ownership of, Oracle Corp’s Java software in a high-profile contest known as Pwn2Own.
Microsoft also released an automatic update to Internet Explorer on Tuesday afternoon to fix a security bug that it first disclosed last month.
Researchers say hackers initially exploited that flaw to launch attacks on companies in Asia in an operation that the cybersecurity firm FireEye has dubbed DeputyDog.
Marc Maiffret, chief technology officer of the cybersecurity firm BeyondTrust, said the vulnerability was later more broadly used after Microsoft’s disclosure of the issue brought it to the attention of cyber criminals.
He is advising computer users to immediately install the update to Internet Explorer, if they do not have their PCs already set to automatically download updates.
That vulnerability in Internet Explorer was known as a “zero-day” because Microsoft, the targeted software maker, had zero days notice to fix the hole when the initial attacks exploiting the bug were discovered.
In an active, underground market for “zero day” vulnerabilities, criminal groups and governments sometimes pay US$1 million or more to hackers who identify such bugs.
Just a few years ago, the millennial generation — generally defined as those born from the early 1980s through the mid-1990s — was synonymous with youthful rebellion. However, now, as the millennials ease into early middle age, they are finding their path out of their parents’ basement to be a lot harder than it was for earlier generations. The fundamental problem is that millennials are not building wealth. The wealth of the median US household headed by someone 35 or younger has actually shrunk in inflation-adjusted terms since the mid-2000s, even as the wealth of older Americans has continued to grow. An
Gogoro Inc (睿能創意) yesterday launched its first electric bicycle, the Gogoro Eeyo 1, in Taiwan, after unveiling the bike in New York in late May and in France on Tuesday. The company said it would also introduce the series in other European countries such as Germany and the Netherlands. The “Eeyo project” is the fourth of Gogoro’s eight projects that concentrate on smart transportation, which includes Gogoro’s electric scooter, battery swap system and electric scooter sharing service, company founder and chief executive officer Horace Luke (陸學森) told a media briefing in Taipei. “There are various types of city commuters. We will not
EXPERIMENTAL DRUG: While news about a COVID-19 vaccine is more eye-catching, developing a treatment would be more viable, the Senhwa boss said Senhwa Biosciences Inc (生華科) aims to raise NT$1.5 billion (US$50.57 million) by issuing 15 million new common shares in the third quarter of this year to fund the research of new drugs, including the experimental drug Silmitasertib for the treatment of COVID-19, the company said on Monday. That would be the firm’s largest fundraising effort after it raised more than NT$1.4 billion from an initial public offering on the Taipei Exchange (TPEX) in April 2017, chief financial officer Sarah Chang (張小萍) told the Taipei Times by telephone. The price of the new shares would depend on the firm’s average share price
NOT A PANACEA: Offering 5G services would not solve the problem of declining telecom incomes, chairman Sheih Chi-mau said, expecting a flat 5G telecom revenue Chunghwa Telecom Co (中華電信) yesterday became the nation’s first telecom to debut its 5G services, offering tiered tariffs that include a threshold of NT$599 and flat rates, as it aims to switch half of its subscribers to the 5G network within three years. Subscribers would have unlimited data transmission for monthly fees starting at NT$1,399 — the same flat rate as when the company launched its 4G service in 2014 — and they can subscribe to the highest-rate plan for NT$2,699 per month for faster data transmission speeds and larger bandwidth, the company said. Data transmission speeds would be within the range