vulnerability disclosure
Major vulnerabilities found in popular wireless presentation system
F-Secure consultants have discovered several exploitable vulnerabilities in Barco’s ClickShare wireless presentation system. Attackers can use the flaws to intercept and …
GitHub Security Lab aims to make open source software more secure
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …
Companies should disclose cybersecurity risk management efforts
Research finds that when one company experiences a cybersecurity breach, other companies in the same field also become less attractive to investors. However, companies that …
Disclosing vulnerabilities to improve software security is good for everyone
Today, software companies and security researchers are near universal in their belief that disclosing vulnerabilities to improve software security is good for everyone, …
Why are some vulnerabilities disclosed responsibly while others are not?
EU’s cybersecurity agency ENISA has delved into the problematics of vulnerability disclosure and has released a report that addresses economic factors, incentives and …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
66.1% of vulnerabilities published through Q3 2018 have a documented solution
There have been 16,172 vulnerabilities disclosed through October 29th, which is a 7% decrease from the high record reported last year at this time. The 16,172 vulnerabilities …
10,644 vulnerabilities disclosed in the first half of 2018
There have been 10,644 vulnerabilities disclosed through June 30th, according to Risk Based Security’s 2018 Mid Year VulnDB QuickView report. This is the highest number …
OpenEMR vulnerabilities put patients’ info, medical records at risk
A slew of vulnerabilities in OpenEMR allowed attackers to access random patients’ health records, view data from a target database, escalate their privileges on the …
Vulnerability research and responsible disclosure: Advice from an industry veteran
“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own …
Exploring the dynamics of the attacker economy
Global software companies are increasingly turning to attackers for help identifying security vulnerabilities in their offerings – and they’re not the only ones. Conservative …
Hacker-powered security is reaching critical mass
HackerOne announced findings from the 2018 Hacker-Powered Security Report, based on over 72,000 resolved security vulnerabilities, 1,000 customer programs and more than $31 …
Featured news
Resources
Don't miss
- How to get better results from bug bounty programs without wasting money
- Hackers launch data leak site to extort 39 victims, or Salesforce
- Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
- How to succeed at cybersecurity job interviews
- Meet ARGUS, the robot built to catch hackers and physical intruders