Security News

The process of vulnerability disclosure has improved over the years, but still too many security researchers face threats when trying to report bugs. Disclosure policies that give ethical hackers clear guidelines are vast and varied and are seldom universally followed, which adds to the friction between researchers and vendors.

Voting machine-maker Election Systems & Software has formally announced a vulnerability disclosure policy, Wednesday, during a Black Hat USA 2020 session. The adoption of safe-harbor language marks a drastic turnaround from how the voting-machine vendor has interacted with the research community in previous years.

Hackers are crawling all over the US Department of Defense's websites. Four years after it first invited white hat hackers to start hacking its systems, the Pentagon continues asking them to do their worst - and a report released this week says that they're submitting more vulnerability reports than ever.

Approaching your currently implemented security as a target to beat or bypass is the strongest and fastest way to find any flaws that may already exist.

From government surveillance to domestic abuse, technology is being used in new and disturbing ways that threaten human rights - how can the security industry fight back?

Companies have become more open in the past year to receiving vulnerability reports from security researchers, according to ethical hackers surveyed by bug bounty platform HackerOne. read more

Not all hacking is bad hacking. How would you feel if you are offered a six-figure salary to hack computer networks and break into IT systems legally? Isn't career with such skill-set worth...