Tags vulnerability disclosure

Senators question vulnerability disclosure process after Spectre and Meltdown stumbles

by Sean Lyngaas • 7 days ago

U.S. senators expressed concern that shortcomings in the industry-led process for disclosing software and hardware bugs could rear their head again.

National labs will probe election tech for vulnerabilities under planned DHS program

by Chris Bing • 1 month ago

The government is currently planning a cybersecurity program that would allow federally funded national scientific laboratories to privately probe and then document security flaws existing in U.S. election technology, most of which is developed and sold by private companies, according to a senior U.S. official.

Widespread ‘Zip Slip’ vulnerability affects AWS, HP tools, researchers say

by Sean Lyngaas • 1 month ago

A new widespread vulnerability that lets an attacker execute remote code affects Web development tools offered by Amazon Web Services, HP, and other companies, according to secure-coding startup Snyk.

Tech giants reveal new variant of Meltdown and Spectre vulns

by Sean Lyngaas • 2 months ago

The new vulnerability, dubbed “Variant 4,” can be exploited through JavaScript in a web browser to steal data.

Cisco fixes critical ‘DNA’ software flaws

by Sean Lyngaas • 2 months ago

IT giant Cisco this week released patches for three critical vulnerabilities in its enterprise networking software, two of which could allow an attacker to bypass authentication measures and access data deep into the network.

House panel advances State Department bug bounty bill

by Sean Lyngaas • 2 months ago

The House Foreign Affairs Committee advanced a bill in the latest effort to encourage agencies to use ethical hackers to secure their networks.

Continue to CyberScoop.com