Security News

Google Criticizes Apple Over Safari Security, Flaw Disclosures
2018-10-08 10:03

One Year After Release, Google Fuzzer Still Finds Many Flaws in Safari
One year after it was released as open source by Google Project Zero, the Domato fuzzer has still found a significant number...

Variations in State Data Breach Disclosure Laws Complicate Compliance
2018-09-26 07:11

New data breach notification laws are good news for consumers, better news for attorneys, but not very good news for businesses already struggling to stay on top of a constantly evolving...

The Vulnerability Disclosure Process: Still Broken
2018-09-05 17:03

Despite the advent of bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits.

Information Disclosure, DoS Flaws Patched in Apache Tomcat
2018-07-24 04:59

The Apache Software Foundation informed users over the weekend that updates for the Tomcat application server address several vulnerabilities, including issues that can lead to information...

Vulnerability research and responsible disclosure: Advice from an industry veteran
2018-07-23 12:30

“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own wish to research a certain...

How to improve software vulnerability disclosure in Europe
2018-06-29 16:44

As software gets embedded in more and more things we use every day, the problem of software vulnerability reporting and patching rises in importance. Unfortunately, only a few European countries...

E-Mail Vulnerabilities and Disclosure
2018-06-04 11:33

Last week, researchers disclosed vulnerabilities in a large number of encrypted email clients: specifically, those that use OpenPGP and S/MIME, including Thunderbird and AppleMail. These are...

Tech Firms Coordinate Disclosure of New Meltdown, Spectre Flaws
2018-05-22 05:34

Intel, AMD, ARM, IBM, Microsoft and other major tech companies on Monday released updates, mitigations and advisories for two new variants of the speculative execution attack methods known as...

OCR Plans Do-Over for 'Accounting of Disclosures' Proposal
2018-05-15 14:33

Agency Will Ditch Previous HIPAA Privacy Rule Revamp Plan, Seek New Ideas
Federal regulators plan to craft a new proposal for revamping a HIPAA Privacy Rule provision for "accounting of...

The pace of vulnerability disclosure shows no signs of slowing
2018-05-15 13:00

Unless the pace of vulnerability disclosure slows down in the coming quarters, we are looking at yet another record-breaking year, according to Risk Based Security’s 2018 Q1 Vulnerability...