Facebook rejects new allegation that it protected employees over users in 2018 breach
The plaintiffs say the company knew about the problem with "access tokens" for years and chose to protect its own employees before fixing the problem for users.
Voting-machine companies are thinking about vulnerability disclosure, bug bounty programs
The industry has some very particular challenges to work out before establishing a coordinated vulnerability disclosure program. But the big companies are changing their thinking.
Microsoft patches two critical vulnerabilities comparable to BlueKeep
Like BlueKeep and the bug involved in WannaCry, the new vulnerabilities are "wormable."
DEF CON Voting Village matures as industry keeps its distance
The country's top three voting gear vendors were a no-show, but there was still plenty of enthusiasm at DEF CON's Voting Village.
Feds plan to use SecureDrop as a vulnerability reporting portal
The plan is for DEF CON to host the servers for the vulnerability reporting, acting as a bridge between hackers and the government.
Meet APT41, the Chinese hackers moonlighting for personal gain
In a first for China-based group, FireEye said, the hackers are using malware typically reserved for spying for personal gain.