Famous car hackers Chris Valasek and Charlie Miller returned to Black Hat to discuss how manufacturers can secure autonomous vehicles.

Threatpost talks to Christie Terrill of Bishop Fox about the pros and cons of using bug bounty programs versus penetration testing for companies.

Uber is tightening policies around its bug bounty program after a 2016 data breach exposed deep flaws in its policies around handling extortion.

Uber patched an authentication bypass vulnerability in its homegrown SSO solution that allowed attackers to take over subdomains and steal session cookies.

Mike Mimoso and Chris Brook recap RSA and discuss the news of the week including the impact of Cloudflare’s “Cloudbleed” bug, Google breaking SHA-1, and more.

RSA 2017 is previewed and last week’s report on iOS apps being vulnerable to interception attacks, macro malware coming to MacOS, and new Uber open source module are discussed.

Developers at Uber have unveiled a new module to help users enable the continuous re-authentication of SSH keys.

A new industry consortium publishes a manifesto it hopes will foster cooperation on the security of autonomous vehicles.

A researcher earned $9K for identifying a XXE vulnerability in third party backup software used by Uber.

Vulnerabilities in UberCENTRAL, a portal used by businesses to facilitate rides, could have leaked the names, phone numbers, email addresses, and unique IDs.