New Google vulnerability: Learn about zero-day CVE-2022-3075 in Chorme web browser  | Fix now >> 

The CyberRisk Summit on-demand: Watch the latest #CRS anytime, anywhere | Watch now  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

The new Google bug bounty and more: First officer’s blog – week 15

First Officer’s log, Terrestrial date, 20220905. Officer of the Deck reporting.   As a support vessel, specializing in integrating communications across a world’s disparate defense systems, we are usually called into action well after a world’s joined the Federation or, at least, well after the first contact team has done their work and moved on to… Continue reading The new Google bug bounty and more: First officer’s blog – week 15

Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

First Officer’s log, Terrestrial date, 20220811. Officer of the Deck reporting. The ship is back to normal operation and our patrol continues. As a support vessel, we are often in a position to “clean up the mess” discovered, or sometimes instigated, by the ships engaged in First Contact situations. They get all the glory. And… Continue reading Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7

First Officer’s log, Terrestrial date, 20220804. Officer of the Deck reporting. The Captain has authorized liberty call for much of the crew to take part in a local Independence Day celebration. Apparently, the world separated from their colonial power after a disagreement over some beverage imports. It is quite a big deal for the locals… Continue reading LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7

What happens when bug bounties don’t work?

Microsoft recently slashed payments through its bug bounty programs — and some of the ethical hackers they’ve been paying to find vulnerabilities might not be so ethical after all. Bug bounties give researchers an incentive to report vulnerabilities directly to software vendors. That way, vendors can release patches and ensure that customer data is secure.… Continue reading What happens when bug bounties don’t work?