vulnerability disclosure

Crowdsourced security trends: Payouts to hackers increase

Bugcrowd has released the 2018 Bugcrowd State of Bug Bounty Report, which analyzes proprietary platform data collected from more than 700 crowdsourced security programs …

The pace of vulnerability disclosure shows no signs of slowing

Unless the pace of vulnerability disclosure slows down in the coming quarters, we are looking at yet another record-breaking year, according to Risk Based Security’s …

Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

We should all be so lucky to enjoy our work as much as Ken Munro does. Generally attracted by research that “looks fun” and particularly interested in probing the …

Netflix, Dropbox promise not to sue security researchers, with caveats

Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the …

AMD confirms processor flaws found by CTS Labs, firmware fixes are coming

Chipmaker AMD has confirmed that the vulnerabilities discovered by CTS Labs researchers earlier this month do affect a variety of its products, and that firmware patches …

Keeping on top of ICS-focused hacking groups, defenses

How many hacking groups are focusing on ICS systems? Dragos security researchers say at least five were active in 2017. “While only one has demonstrated an apparent …

Still relying solely on CVE and NVD for vulnerability tracking? Bad idea

2017 broke the previous all-time record for the highest number of reported vulnerabilities. The 20,832 vulnerabilities cataloged during 2017 by Risk Based Security (VulnDB) …

A five-year analysis of reported Windows vulnerabilities

Based on analysis of all disclosed Microsoft vulnerabilities in 2017, a new Avecto report shows a significant rise in the number of reported vulnerabilities. Last year, 685 …

Google wants bug hunters to probe popular Android apps for bugs

Google has started another bug bounty initiative: the Google Play Security Reward Program. While the name of the program might suggest that bug hunters will be after …

Unpatched SQLi vulnerability in SmartVista e-commerce suite

Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to limit access to its …

The Internet Bug Bounty offers rewards for bugs in data processing libraries

The Internet Bug Bounty (IBB), a project aimed at finding and fixing vulnerabilities in core internet infrastructure and free open source software, has announced that it will …

Drone maker DJI launches bug bounty program

Chinese consumer drone maker DJI has announced that it’s starting a bug bounty program and has invited researchers to discover and responsibly disclose issues that could …
