The Log4j debacle showed again that public disclosure of 0-days only helps attackers
On December 9, 2021, a (now deleted) tweet linking to a 0-day proof of concept (PoC) exploit (also now deleted) for the Log4Shell vulnerability on GitHub set the internet on …
Druva introduces curated recovery technology for accelerated ransomware recovery
Druva introduced a curated recovery technology, leveraging intelligent automation, for accelerated ransomware recovery. Adding to Druva’s Accelerated Ransomware Recovery …
Why cybersecurity products always defy traditional user reviews
I read with interest the latest batch of evaluation data from MITRE on various endpoint solutions, this time focusing on the detect, response and containment of these various …
How much is a vulnerability worth?
As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. Such figures make great headlines and attract new …
Can automated penetration testing replace humans?
In the past few years, the use of automation in many spheres of cybersecurity has increased dramatically, but penetration testing has remained stubbornly immune to it. While …
Crowdsourced pentesting is not without its issues
Crowdsourced security isn’t new anymore, having existed in one form or another as a consumable enterprise service since 2013 with the launch of the main crowdsourced platforms …
Featured news
Resources
Don't miss
- Edge computing’s biggest lie: “We’ll patch it later”
- Cyber risk is becoming a hold-period problem for private equity firms
- Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
- 1Password open sources a benchmark to stop AI agents from leaking credentials
- Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)