The new entry point for attacking the enterprise is the web browser. Bugs in web browser implementations allow hackers to exploit your users. You know what Google says? The browser is the new operating system.
It is difficult to lock down web browsers. Hackers are injecting malware in advertising. This process is being coined malvertising. It is simpler than trying to get a user to download and execute a file.
The injection of malware ads is also pretty simple. You just put together a real ad which has the hack embedded in it. You don't need to take user a web site. Allow the web site to come to you to serve up your ad.
Salary Comparison Failure - Read a post that stated top bug bounty hunters make 3X the salary of average developers. Umm what? Who cares what those top people make? You got to compar...