The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
A bug-bounty program launched for the Teams desktop videoconferencing and collaboration application has big payouts for finding security holes.
A cyberattacker taunted the site about open security vulnerabilities, prompting a code review.
A survey from Intel shows that most organizations prefer tech providers to have proactive security, but few meet security expectations.
Ethical hacker Alex Birsan developed a way to inject malicious code into open-source developer tools to exploit dependencies in organizations' internal applications.
Major browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to take over targeted devices.
While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will, we hope, shift the balance towards the defense.
Patches for both the Chrome desktop and Android browser address high-severity flaws with known exploits available in the wild.
The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.
Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.