Disclosure

data breach

Getting Ahead of Cybersecurity Materiality Mayhem

| | Breach, Cybersecurity, Disclosure, Incident Response, materiality, SEC
Cybersecurity leaders must differentiate between strategic (material) and tactical threats in a cross-functional manner and determine 'materiality.' ...
Security Boulevard
SEC incident response C-Suite-Data-Breach

SEC Cyber Incident Reporting Rules Pressure IT Security Leaders

| | Breach, Compliance, Data breach, Disclosure, Incident Response, SEC
As the SEC gets tough on businesses' cybersecurity posture, IT security leaders will need to beef up incident response plans ...
Security Boulevard

Responsible Disclosure for Cryptocurrency Security

| | blockchain, cryptocurrency, Disclosure, patching, Uncategorized, Vulnerabilities
Stewart Baker discusses why the industry-norm responsible disclosure for software vulnerabilities fails for cryptocurrency software. Why can’t the cryptocurrency industry solve the problem the way the software and hardware industries do, by ...
Schneier on Security

Missouri Governor Doesn’t Understand Responsible Disclosure

| | courts, Disclosure, overreactions, Uncategorized
The Missouri governor wants to prosecute the reporter who discovered a security vulnerability in a state’s website, and then reported it to the state. The newspaper agreed to hold off publishing any ...
Schneier on Security

Bug Bounty Programs Are Being Used to Buy Silence

| | bribes, coverups, Disclosure, Reports
Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers: Used properly, bug bounty platforms connect security researchers with organizations wanting extra scrutiny. In ...
Schneier on Security

NordVPN Breached

| | breaches, certificates, cryptography, Disclosure, encryption, keys, VPN
There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates ...
Schneier on Security

Zoom Vulnerability

| | cameras, Disclosure, Exploits, patching, Vulnerabilities
The Zoom conferencing app has a vulnerability that allows someone to remotely take over the computer's camera. It's a bad vulnerability, made worse by the fact that it remains even if you ...
Schneier on Security

The Importance of Protecting Cybersecurity Whistleblowers

| | breaches, courts, Cybersecurity, Disclosure, laws, whistleblowers
Interesting essay arguing that we need better legislation to protect cybersecurity whistleblowers. Congress should act to protect cybersecurity whistleblowers because information security has never been so important, or so challenging. In the ...
Schneier on Security

Video: Safe Harbor for Hackers

| | 2019, bug hunting, Disclosure, EH-Net Live!, ethical hacking, highlight, pentest, safe harbor
Join the Disclose.io Movement! Video and Slide Deck from EH-Net Live! April 2019 The Internet has an Auto-Immune Problem! It affects everyone on the planet, whether they’ve been the victim of a ...
The Ethical Hacker Network

Webinar: Safe Harbor for Hackers

| | 2019, bug hunting, Disclosure, EH-Net Live!, ethical hacking, highlight, pentest
Register Now to Join the Disclose.io Movement! The Internet has an Auto-Immune Problem! Members of the InfoSec industry need to lead the way in providing a global environment that encourages responsible security ...
The Ethical Hacker Network
Load more