Aside from following the law, companies should also take care that their bug bounty payments adhere to responsible corporate policies that define what constitutes a legit payment and what constitutes extortion.
Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWinds attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.
Alyssa Miller, a security advocate at Snyk and a longtime hacker and researcher, is researching the phenomenon of bad job descriptions in an effort to better match qualified workers with would-be employers.
Cyber experts expect more sophisticated attacks to come – with ransomware and phishing continuing at a steady, but more advanced clip, and emerging threats tied to deepfakes and 5G beginning to show impact.
Cybersecurity experts and digital rights organizations say that the high court’s future ruling will determine whether bug hunters and pen testers could be charged if their research into systems is deemed excessive, even if the actions are intended to be ethical.