CVSS, or Common Vulnerability Scoring System, provides developers, testers, and security professionals with a standardized process to assess vulnerabilities.
Twitter announced in a blog post Monday that they discovered and addressed a security flaw in one of their support forms. The discovery was made on November 15—more than a month ago—and promptly fixed the next day. So why are we only hearing about it now?
When we talk about online extortion, nowadays what comes to mind is ransomware, thanks to reports of new strains found almost every day of the week. For some, it may be scams—from online dating, to loan, to 419 fraud. For others, some examples may be hijacked accounts, sextortion, DDoS attacks, and data theft. These past few weeks, we have been introduced to a new type of digital extortion that, as some security experts claim, is currently on the rise: bug poaching.