Tags zero days

Study: Zero days rediscovered much faster

by Shaun Waterman • 5 months ago

The report comes as White House cybersecurity czar Rob Joyce says he is reviewing the Vulnerability Equities Process — the policy structure that decides whether zero days found by U.S. agencies should be disclosed to the manufacturer.

Why reforming the Vulnerability Equities Process would be a disaster

by Dave Aitel • 7 months ago

Op-Ed: The leak of NSA exploits is not the worst that could happen — and trying to reform the policy process the U.S. government uses to decide which vulnerabilities to reveal and patch will not make things better.

Should the government stockpile zero day software vulnerabilities?

by Shaun Waterman • 7 months ago

Storm clouds are rising over the U.S. government's policy on software flaw disclosure after the massive WannaCry infection spread using a cyberweapon developed by the NSA, and even former agency leaders say it might be time to take a fresh look at the Vulnerability Equities Process.

Zero day exploits are rarer and more expensive than ever, researchers say

by Patrick Howell O'Neill • 8 months ago

"It's pushing the bad guys to find other ways," said one researcher.

Shadow Brokers latest leak a gold mine for both criminals and researchers

by Patrick Howell O'Neill • 8 months ago

Security researchers are learning how the NSA operates while criminals are starting to take the tools for a spin on the open web.

Zero day study: Hoarding exploits less harmful than generally thought

by Shaun Waterman • 9 months ago

A new study from the RAND Corp. upends much of the conventional wisdom on zero day vulnerability disclosure — they are rarely discovered independently, which makes hoarding them more effective.

Continue to CyberScoop.com