#vulnerability-disclosure

from The Hacker News
1 week ago

Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year

Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the messaging platform's network protocol. The idea is to make it easier to delve into WhatsApp-specific technologies as the application continues to be a lucrative attack surface for state-sponsored actors and commercial spyware vendors.
Information security
from IT Pro
2 weeks ago

GitHub is awash with leaked AI company secrets - API keys, tokens, and credentials were all found out in the open

65% of 50 examined AI companies leaked verified secrets on GitHub, often buried in deleted forks, gists, and developer repositories.
from Techzine Global
1 month ago

Axis Communications builds cyber wall around popular IoT devices

Securing IoT devices must be a top priority from start to finish these days. Whereas the issue used to be seen mainly as an add-on, it is now a fundamental part of product development and partner policy. According to Fabian de Clippelaar, Engineer at Axis Communications, this shift did not come out of the blue. "The growing computing power of devices offers opportunities for innovation. But if that power is not applied or secured in the right way, it can also cause serious problems."
Information security
from SecurityWeek
2 months ago

In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research

Two researchers reported finding serious vulnerabilities, including ones that expose employee information and drive-through orders, in systems run by Restaurant Brands International (RBI), which owns the Tim Hortons, Burger King and Popeyes brands. The vulnerabilities were reported to the vendor and quickly fixed. In addition, RBI said the system targeted by the researchers is still in early development. However, the company still sent a DMCA complaint to the researchers to force them to remove the blog post detailing their findings.
Information security
from The Register
3 months ago

Bug bounties: The good, the bad, and the frankly ridiculous

Bug bounty programs evolved from Netscape's initial effort into diverse commercial and government models with varied effectiveness, platforms, and researcher risks.