Bugcrowd has had a busy summer. Recently, the bug bounty company partnered with HP to launch the first-ever bug bounty program for printers, with rewards of up to $10,000 for discovered vulnerabilities.
Bugcrowd also recently announced Disclose.io, an open-sourced project to standardize best practices for providing a safe harbor for security researchers within bug bounty and vulnerability disclosure programs (VDPs).
Threatpost talked to Casey Ellis, Bugcrowd founder and CTO, about big...
Las Vegas was filled with researchers, executives, and hackers last week for the Black Hat USA and DEF CON 2018 conferences.
Among the most interesting topics at the shows included IoTand connected cars, election votinghacks, and a flurry of other news topics and sessions outlining the newest threats, vulnerabilities, and cybersecurity best practices.
Threatpost's Lindsey O'Donnell and Tara Seals talk about their favorite parts of the show.
Threatpost talks to Matt Tyrer with Commvault about the recent COSCO ransomware attack. Tyrer discusses the biggest lessons learned from the incident, COSCO's response, and best practices in preventing ransomware attacks.
Threatpost's Tom Spring and Lindsey O'Donnell sit down to discuss the biggest news of the week - including COSCO being hit by a ransomware attack, Adobe Flash being discussed by the U.S. government, and more Facebook drama.
On this week's episode of The Threatpost Podcast, editor Lindsey O'Donnell sits down with Marten Mickos, the CEO of popular bug bounty program platform HackerOne. Mickos sounds off on the opportunities - and growing pains - of bug bounty programs.
Threatpost's Lindsey O'Donnell talks with Zack Allen, ZeroFOX’s manager of threat operations, about the broader social media threats landscape and the growing issue of malicious content being spread across networks like Twitter, Facebook and LinkedIn.
Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the week’s information security news, including a slew of IoT device privacy incidents, a critical Adobe Flash vulnerability, and scary new data on the breadth and impact of the VPNFilter malware.
The smart city industry is projected to be a 400 billion dollar market by 2020, as municipals look at applications for transportation, waste management, and law enforcement.
But with that growth comes privacy issues and security risks, Tenable CTO Renaud Deraison told Threatpost’s Lindsey O’Donnell. Deraison outlines some of the biggest security problems that smart cities face right now – and how city developers can adopt better security hygiene.
Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell discuss the week’s information security news, including some interesting new malware, a Linux patch that made waves, social engineering gambits and a major banking theft from the second-largest economy in Latin America.
Once only seen in the market through the form of honeypots, deception technology is a quickly emerging category of cyber defense that is particularly useful when it comes to IoT devices, SCADA systems and medical devices.
Threatpost talks to Tony Cole, CTO of Attivo Networks, about how deception technology has evolved, the challenges behind adoption of this method of cyber defense, and how attackers are learning to adapt.
Threatpost's Lindsey O'Donnell talks with Christie Terrill, partner at Bishop Fox, about what kind of companies are looking at bug bounty programs versus conducting penetration testing, what these methods mean for vulnerability disclosures, and the legal nuances and complexities behind bug bounty programs.
Threatpost's Tom Spring talks to Roman Unuchek, senior malware analyst at Kaspersky Lab. Unuchek released his discovery at the RSA Conference this week that millions of apps leak personal identifiable information such as name, age, income and possibly even phone numbers and email addresses.
The 2018 RSA Conference kicks off this week in San Francisco. The massive security conference draws more than 50,000 attendees from around the world eager to learn more about the latest threats, vulnerabilities, and security products and tools. This year's conference has more than 650 exhibitors and 550 sessions covering everything from cryptocurrency to the Internet of Things. Threatpost's Tom Spring and Lindsey O'Donnell, who will be covering the conference, talk about what they are most...
The fall 2016 Mirai botnet compromised more than 300,000 IoT devices to take down several websites in a massive DDoS attack. After the crippling attack, Flashpoint and Akamai worked together with law enforcement to help unravel the crime scene behind the botnet attack.
Threatpost's Tom Spring sits down with Flashpoint's director of security research Allison Nixon, and Akamai's senior engineer Chad Seaman, to discuss how the two worked together and what the industry has learned in the wake...
At the Security Analyst Summit this year in Cancun, FireEye's Marina Krotofil talks about the Triton malware, first disclosed in December 2017, that targets industrial control systems. Krotofil discusses with Threatpost's Lindsey O'Donnell about the implications of this malware for the manufacturing market as a whole.