Attend the CyberRisk Summit – for free: Join us May 23 to learn how cyber experts put vulnerability risk in context | Register >>

Vulnerability management metrics: The key metrics that will help you achieve successful cyber risk management | Read more >>

CVE-2023-32784 in KeePass: How to fix the KeePass password manager vulnerability | Read more >>

The new Google bug bounty and more: First officer’s blog – week 15

First Officer’s log, Terrestrial date, 20220905. Officer of the Deck reporting. As a support vessel, specializing in integrating communications across a world’s disparate defense systems, we are usually called into action well after a world’s joined the Federation or, at least, well after the first contact team has done their work and moved on to…

Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

First Officer’s log, Terrestrial date, 20220811. Officer of the Deck reporting. The ship is back to normal operation and our patrol continues. As a support vessel, we are often in a position to “clean up the mess” discovered, or sometimes instigated, by the ships engaged in First Contact situations. They get all the glory. And…

LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7

First Officer’s log, Terrestrial date, 20220804. Officer of the Deck reporting. The Captain has authorized liberty call for much of the crew to take part in a local Independence Day celebration. Apparently, the world separated from their colonial power after a disagreement over some beverage imports. It is quite a big deal for the locals…

What happens when bug bounties don’t work?

Microsoft recently slashed payments through its bug bounty programs — and some of the ethical hackers they’ve been paying to find vulnerabilities might not be so ethical after all. Bug bounties give researchers an incentive to report vulnerabilities directly to software vendors. That way, vendors can release patches and ensure that customer data is secure.…