Bug Bytes for December 14: Big Bugs, Evidence of Nation-State Threats and the Rise of Ethical Hacking

Top FBI official warns of strategic threat from China through economic and other forms of espionage, the Washington Post reported this week. A senior FBI official on Wednesday said that Chinese economic espionage as well as efforts to steal U.S. research and influence American discourse amount to “the most severe counterintelligence threat” facing the United

By Cybersecurity News
Marriott Breach: What Makes it Unique & What to do Next

Today Marriott announced the company’s Starwood reservations database had been breached and the personal information of 500 million guests stolen. The Washington Post reports that Marriott first learned that an unauthorized party had access to its systems on Sept. 8, but because the hackers encrypted the stolen data, the company was unable to determine the

By Cybersecurity News
Spotlight: Web Vulnerabilities

I’m often asked about the biggest bugs we see come in through the platform. It’s a natural question to ask, as big vulnerabilities elicit ideas of big, headline-grabbing breaches that affect millions of consumers. In reality, the vulnerabilities that lead to these big breaches are often much more naissant. And the real answer to

By Cybersecurity News, Vulnerabilities
Homeland Security to Establish Vulnerability Disclosure; House Pushes for Formalization of CISO role

Last week, the House voted to approve H.R. 6735, a bill that directs the Homeland Security Secretary to establish a vulnerability disclosure policy for the agency’s websites. This was a swift decision — the House Homeland Security Committee advanced this bill just last week — as well as a timely one. Crowdsourced security has been

By Cybersecurity News, Thought Leadership, Vulnerability Disclosure