Security News

Vulnerability in Chrome for Android Patched Three Years After Disclosure
2019-01-03 02:38

A vulnerabilitiy recently patched by Google in Chrome for Android was an information disclosure bug that was originally reported in 2015, but not patched until the release of Chrome 70 in October...

UK's NCSC Adopts HackerOne for Vulnerability Coordination Disclosure
2018-12-21 14:55

Almost since its inception in October 2016, the UK's National Cyber Security Centre (NCSC) has been considering how to formalize its vulnerability disclosure process. While the agency has a wider...

UK's NCSC Adopts HackerOne for Coordinate Vulnerability Disclosure
2018-12-21 14:55

Almost since its inception in October 2016, the UK's National Cyber Security Centre (NCSC) has been considering how to formalize its vulnerability disclosure process. While the agency has a wider...

Logitech flaw fixed after Project Zero disclosure
2018-12-18 11:20

The flaw offered attackers a way of executing keystroke injection to take control of a Windows PC running Logitech Options.

UK Spy Agency Joins NSA in Sharing Zero-Day Disclosure Process
2018-12-06 12:53

GCHQ Joins the NSA in Publishing its Vulnerabilities Equities Process read more

GCHQ opens kimono for infosec world to ogle its vuln disclosure process
2018-11-29 14:25

Plus: State-backed hacks now need permission from a judge On the same day that certain types of British state-backed hacking now need a judge-issued warrant to carry out, GCHQ has lifted the veil...

Uber Fined $1.2 Million in EU for Breach Disclosure Delay
2018-11-27 14:48

Credential Stuffing Attack Cracked Uber's Amazon S3 Buckets, Investigators SayUber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data...

Uber Fined $1.2 Million by EU for Breach Disclosure Delay
2018-11-27 12:18

Credential Stuffing Attack Cracked Uber's Amazon S3 Buckets, Investigators SayUber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data...

A Strong Message on Improper PHI Disclosure to News Media
2018-11-26 21:18

HHS Imposes Penalty on Small Clinic and Demands ActionIn at least the fourth federal HIPAA case involving improper disclosure of patient information to the media, federal regulators have slapped a...

Oracle and "Responsible Disclosure"
2018-11-14 12:46

I've been writing about "responsible disclosure" for over a decade; here's an essay from 2007. Basically, it's a tacit agreement between researchers and software vendors. Researchers agree to...