Study: Zero-days rediscovered much faster
The report comes as White House cybersecurity czar Rob Joyce says he is reviewing the Vulnerability Equities Process — the policy structure that decides whether zero-days found by U.S. agencies should be disclosed to the manufacturer.
Report: International nonprofit would ease work of cyber-attribution
Attributing cyberattacks and other malicious online activities is tough. The RAND Corp. has an idea for cutting through the public skepticism that lies beyond the technical difficulties.
Zero-day study: Hoarding exploits less harmful than generally thought
A new study from the RAND Corp. upends much of the conventional wisdom on zero day vulnerability disclosure — they are rarely discovered independently, which makes hoarding them more effective.