vulnerability-research

20 Feb
Modes of Public Vulnerability Disclosure

A proposed taxonomy... Discovery, Documentation, Distribution.
3 min read
10 Feb
A thought re vulnerability research clustering

The fact that insecure software pipelines are exploitable feels a little like the idea that bugs exist in old F/OSS code, or that a chip design might not be 100% perfect. It's almost QED - but in the defensive realm, people weren't looking there.
3 min read
11 Jan
Help! My Social Media has been hacked!

I know you do security stuff with computers and my Twitter/Facebook/Instagram/etc has been hacked! It's posting all kinds of strange stuff that isn't from me. What do I do to stop this???
7 min read
01 Dec
Van Buren v. United States - Oral Argument

The Supreme Court heard oral argument in Van Buren v. United States, a case concerning a statute of the Computer Fraud and Abuse Act (CFAA) and violations of terms of service agreements.
41 min read
14 Nov
DEF CON endorsed by POTUS!

Great news everyone: After years of steady work and deliberate improvement of relationships and trust between the hacker community and government officials, we've made it to the apex of the American org chart!
6 min read
28 Oct
How the Pandemic is Reshaping the Bug Bounty Landscape

Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.
2 min read
23 Oct
VentureBeat: How ethical hackers are trying to protect the 2020 U.S. elections

“All software is vulnerable,” Bugcrowd CTO Casey Ellis said. “It just depends on how long you’re taking to look to find those vulnerabilities. Humans write code, and humans make mistakes.”
1 min read
05 Oct
Vulnerability annihilation since 1851

"What Hobbs had in mind was not the usual cajoling of a provincial bank into an upgrade, but exposing weaknesses in the British Empire itself by revealing the faults of one of Day and Newell’s competitors."
1 min read
29 Sep
Information Asymmetry and the 1950s Nuclear Bounty

Props to Matt Ploessel for calling out this one... I'd not heard of a bounty around nuclear weapons until today.
3 min read
29 Sep
Are you making a Walkman? Or an iPod?

When the Walkman was introduced, it created a category. Its brand also became the term of description for that category.
3 min read