The bug bounty market has some flaws of its own
Inflated bounties might be creating perverse incentives for young cybersecurity researchers and distorting the market for white-hat bug hunters.
DMARC 2.0? New BIMI standard will help fight spoofing and phishing
Major email service providers are teaming up with large corporations like to develop a new email security standard.
Critical ManageEngine vulns affect majority of Fortune 500 companies
Five vulnerabilities in the ManageEngine Applications Manager, and one in the Event Log Analyzer, were disclosed by Digital Defense, Inc.
NIST engineering guide update provides advice for securing legacy IT systems
Volume two of NIST SP-800-160 focuses on cyber resilience engineering.
EU needs one set of vulnerability disclosure rules, says expert task force
The fractured ecosystem is having a chilling effect on vulnerability research.
Feds still dragging in DMARC configuration
More than a third of federal agencies have still failed to implement DMARC, according to an analysis of public records.