Hi, what are you looking for?
Former Microsoft security strategist Katie Moussouris joins Ryan Naraine on the Security Conversations podcast to talk about her new job as Chief Policy Officer at HackerOne and the ongoing debates around vulnerability research and bug bounty programs.
Related Reading: HackerOne Secures $9 Million, Appoints Katie Moussouris Chief Policy Officer
Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.
No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.
Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud, and edge.
How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.
Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the password dependency cycle. But how can this be done?
VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.
Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.
Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.
Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.
Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.
Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.
Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...
A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.
