Tags katie moussouris
Apple's $1 million bug bounty makes a lot more sense after that iOS hacking spree
The company's offer of $1 million to hackers who can breach iOS could have unintended consequences.
What Capital One's cybersecurity team did (and did not) get right
It's not great that a lone engineer was able to pull data from 106 million people. But this was far from Equifax 2.0.
The bug bounty market has some flaws of its own
Inflated bounties might be creating perverse incentives for young cybersecurity researchers and distorting the market for white-hat bug hunters.
Senators grill Uber CISO over 2016 breach, extortion incident
During the hearing, the lawmakers questioned Uber’s chief security officer while also receiving an education from experts on how bug bounty programs are supposed to operate.
The Wassenaar Arrangement's latest language is making security researchers very happy
Security researchers are saying rewritten language that includes hacking tools in a treaty that regulates the global trade in weapons technology, saying it fixes rules that, if implemented in the U.S., would have outlawed much of the daily commerce of the cybersecurity industry.
OWASP postpones publication of Top 10 app vulnerabilities draft
Postponing the publication of the new draft highlights the controversy swirling around this latest effort to revise the ubiquitous Top 10 list, which is being led by new authors after an earlier version got panned.