Tags vulnerability disclosure

DEF CON Voting Village report explores vulnerabilities in ballot-marking devices, calls for paper-based audits

by Sean Lyngaas • 3 weeks ago

The DEF Con Voting Village is calling for “more comprehensive studies” of equipment that is increasingly a part of the voter experience.

What would a vulnerability disclosure program look like for voting equipment? Expect an RFI soon

by Sean Lyngaas • 4 weeks ago

Voting equipment vendors have heard presentations from Bugcrowd, HackerOne, and Synack, according to ES&S's Chris Wlaschin.

Facebook rejects new allegation that it protected employees over users in 2018 breach

by Sean Lyngaas • 2 months ago

The plaintiffs say the company knew about the problem with "access tokens" for years and chose to protect its own employees before fixing the problem for users.

Voting-machine companies are thinking about vulnerability disclosure, bug bounty programs

by Sean Lyngaas • 2 months ago

The industry has some very particular challenges to work out before establishing a coordinated vulnerability disclosure program. But the big companies are changing their thinking.

Feds plan to use SecureDrop as a vulnerability reporting portal

by Sean Lyngaas • 2 months ago

The plan is for DEF CON to host the servers for the vulnerability reporting, acting as a bridge between hackers and the government.

What Capital One's cybersecurity team did (and did not) get right

by Greg Otto • 3 months ago

It's not great that a lone engineer was able to pull data from 106 million people. But this was far from Equifax 2.0.

TwitterFacebookLinkedInRedditGoogle Gmail