Security News

Credential Stuffing Attack Cracked Uber's Amazon S3 Buckets, Investigators Say
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data...

HHS Imposes Penalty on Small Clinic and Demands Action
In at least the fourth federal HIPAA case involving improper disclosure of patient information to the media, federal regulators have slapped a...

I've been writing about "responsible disclosure" for over a decade; here's an essay from 2007. Basically, it's a tacit agreement between researchers and software vendors. Researchers agree to...

Critical Infrastructure Operators Must Plan for Scenarios in Which a Physical and Cyber Event Occur Simultaneously

One Year After Release, Google Fuzzer Still Finds Many Flaws in Safari
One year after it was released as open source by Google Project Zero, the Domato fuzzer has still found a significant number...

New data breach notification laws are good news for consumers, better news for attorneys, but not very good news for businesses already struggling to stay on top of a constantly evolving...

Despite the advent of bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits.

The Apache Software Foundation informed users over the weekend that updates for the Tomcat application server address several vulnerabilities, including issues that can lead to information...

“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own wish to research a certain...