Security News

China May Delay Vulnerability Disclosures For Use in Attacks
2017-11-16 20:24

The NSA and CIA exploit leaks have thrown the spotlight on US government stockpiles of 0-day exploits -- and possibly led to this week's government declassification of the Vulnerabilities Equities...

White House Releases VEP Disclosure Rules
2017-11-16 19:19

The White House released a charter document on Wednesday outlining how the U.S. government will disclose cyber security flaws and when it will keep them secret.

SEC Chair Wants More Cyber Risk Disclosure From Public Firms
2017-09-26 17:48

Jay Clayton Testifies Before Senate Banking Committee on SEC, Equifax BreachesPublicly traded companies should do a better job of disclosing cyber risks they face in their filings with the...

SEC Chairman Seeks More Cyber Risk Disclosure (InfoRiskToday)
2017-09-06 13:32

Wall Street Regulator Eyes Cyber Shortfalls, Plus Initial Coin OfferingsThe head of the U.S. Securities and Exchange Commission says publicly traded businesses must better describe their...

US DOJ publishes guidelines for setting up a vulnerability disclosure program (Help Net Security)
2017-08-02 21:35

Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to enlist outside experts to advise...

DOJ Helps Organizations Build Vulnerability Disclosure Programs (Security Week)
2017-08-02 08:54

The U.S. Department of Justice (DOJ) Criminal Division’s Cybersecurity Unit has created a framework designed to help organizations develop formal vulnerability disclosure programs. read more

EFF Sues DOJ Over National Security Letter Disclosure Rules (Threatpost)
2017-06-07 21:18

The Electronic Frontier Foundation sued the United States Department of Justice demanding to know whether the agency is complying with rules that mandate a periodic review of National Security...