Tags katie moussouris

Apple's $1 million bug bounty makes a lot more sense after that iOS hacking spree

by Jeff Stone • 1 month ago

The company's offer of $1 million to hackers who can breach iOS could have unintended consequences.

What Capital One's cybersecurity team did (and did not) get right

by Greg Otto • 3 months ago

It's not great that a lone engineer was able to pull data from 106 million people. But this was far from Equifax 2.0.

The bug bounty market has some flaws of its own

by Shaun Waterman • 2 years ago

Inflated bounties might be creating perverse incentives for young cybersecurity researchers and distorting the market for white-hat bug hunters.

Senators grill Uber CISO over 2016 breach, extortion incident

by Zaid Shoorbajee • 2 years ago

During the hearing, the lawmakers questioned Uber’s chief security officer while also receiving an education from experts on how bug bounty programs are supposed to operate.

The Wassenaar Arrangement's latest language is making security researchers very happy

by Shaun Waterman • 2 years ago

Security researchers are saying rewritten language that includes hacking tools in a treaty that regulates the global trade in weapons technology, saying it fixes rules that, if implemented in the U.S., would have outlawed much of the daily commerce of the cybersecurity industry.

OWASP postpones publication of Top 10 app vulnerabilities draft

by Shaun Waterman • 2 years ago

Postponing the publication of the new draft highlights the controversy swirling around this latest effort to revise the ubiquitous Top 10 list, which is being led by new authors after an earlier version got panned.

TwitterFacebookLinkedInRedditGoogle Gmail