Question 1

2023

Accepted Answer

Industry launches hacking policy council, legal defense fund to support security research and disclosures
SC Media
Derek B. Johnson
April 13, 2023
https://www.scmagazine.com/news/leadership/hacking-policy-council-launched-to-support-security-research-and-disclosures(https://www.scmagazine.com/news/leadership/hacking-policy-council-launched-to-support-security-research-and-disclosures)
​
Tech Companies Unveil New Hacking Policy Council, Legal Defense Fund for Researchers
Decipher
Dennis Fisher
April 13, 2023
https://duo.com/decipher/tech-companies-unveil-new-hacking-policy-council-legal-defense-fund-for-researchers(https://duo.com/decipher/tech-companies-unveil-new-hacking-policy-council-legal-defense-fund-for-researchers)
​
OpenAI launches bug bounty program with Bugcrowd
TechTarget
Alexander Culafi
April 12, 2023
https://www.techtarget.com/searchsecurity/news/365535122/OpenAI-launches-bug-bounty-program-with-Bugcrowd(https://www.techtarget.com/searchsecurity/news/365535122/OpenAI-launches-bug-bounty-program-with-Bugcrowd)
 
Think ransomware gangs won't thrive this year? Think again, experts say
The Washington Post
Tim Starks
March 30, 2023
https://www.washingtonpost.com/politics/2023/03/30/think-ransomware-gangs-wont-thrive-this-year-think-again-experts-say/ (https://www.washingtonpost.com/politics/2023/03/30/think-ransomware-gangs-wont-thrive-this-year-think-again-experts-say/)

Question 2

2022

Accepted Answer

Katie Moussouris on where bug bounties went wrong
Security Conversations
Ryan Naraine
December 8, 2022
https://securityconversations.com/episode/katie-moussouris-on-where-bug-bounties-went-wrong/(https://securityconversations.com/episode/katie-moussouris-on-where-bug-bounties-went-wrong/)
​
How to build a public profile as a cybersecurity pro
CSO
Samira Sarraf
November 29, 2022
https://www.csoonline.com/article/3680390/how-to-build-a-public-profile-as-a-cybersecurity-pro.html(https://www.csoonline.com/article/3680390/how-to-build-a-public-profile-as-a-cybersecurity-pro.html)
​
For cyber experts, disinformation overshadows cyberthreats in midterms
The Washington Post: Cybersecurity 202
Tim Starks
October 31, 2022
https://www.washingtonpost.com/politics/2022/10/31/cyber-experts-disinformation-overshadows-cyberthreats-midterms/(https://www.washingtonpost.com/politics/2022/10/31/cyber-experts-disinformation-overshadows-cyberthreats-midterms/)
​
This Hacker Is Trying to Close the Gender Pay Gap in Cybersecurity
VICE
Chloe Xiang
September 14, 2022
https://www.vice.com/en/article/xgyvza/this-hacker-is-trying-to-close-the-gender-pay-gap-in-cybersecurity(https://www.vice.com/en/article/xgyvza/this-hacker-is-trying-to-close-the-gender-pay-gap-in-cybersecurity)
https://youtu.be/QgX_iKNbFaM(https://youtu.be/QgX_iKNbFaM)
​
Bug Bounty Botox – Why You Need a Security Process First
InfoSecurity Magazine
Sean Michael Kerner 
August 12, 2022
https://www.infosecurity-magazine.com/news/bhusa-bug-bounty-botox/(https://www.infosecurity-magazine.com/news/bhusa-bug-bounty-botox/)
​
For Bug Bounties, 'Knowing is less than half the battle’
Decipher
Dennis Fisher
August 11, 2022
https://duo.com/decipher/for-bug-bounties-knowing-is-less-than-half-the-battle(https://duo.com/decipher/for-bug-bounties-knowing-is-less-than-half-the-battle)
​
As Black Hat kicks off, the US government is getting the message on hiring security talent
The Register
Iain Thomson
August 10, 2022
https://www.theregister.com/2022/08/10/us_security_hiring/(https://www.theregister.com/2022/08/10/us_security_hiring/)
​
Why Bug-Bounty Programs Are Failing Everyone
Dark Reading
Ericka Chickowski
July 29, 2022
https://www.darkreading.com/black-hat/why-bug-bounty-programs-failing-everyone(https://www.darkreading.com/black-hat/why-bug-bounty-programs-failing-everyone)
​
Experts: California lacked safeguards for gun owner info
Associated Press
Don Thompson
July 1, 2022
https://apnews.com/article/technology-california-gun-politics-violence-government-and-3a7b488f69a0ba949923ceb382c4838a(https://apnews.com/article/technology-california-gun-politics-violence-government-and-3a7b488f69a0ba949923ceb382c4838a)
​
Security experts break down exactly why you shouldn't share your passwords: 'It's really dangerous'
Yahoo! News
May 10, 2022
https://www.yahoo.com/lifestyle/why-you-shouldnt-share-passwords-yahoo-subscriptions-011927368.html(https://www.yahoo.com/lifestyle/why-you-shouldnt-share-passwords-yahoo-subscriptions-011927368.html)
​
Musk's plans to make Twitter's algorithms public raises disinformation conundrum
CyberScoop
Tonya Riley
April 26, 2022
https://www.cyberscoop.com/elon-musk-twitter-algorithm-open-source-disinfomation/(https://www.cyberscoop.com/elon-musk-twitter-algorithm-open-source-disinfomation/)
​
Attacking rival, Google says Microsoft’s hold on government security is a problem
NBC News
Kevin Collier
March 31, 2022
https://www.nbcnews.com/tech/security/attacking-rival-google-says-microsofts-hold-government-security-proble-rcna22159(https://www.nbcnews.com/tech/security/attacking-rival-google-says-microsofts-hold-government-security-proble-rcna22159)
​
Russia may be primed to hack America’s infrastructure
Yahoo! Finance
 Daniel Howley
 February 24, 2022
https://finance.yahoo.com/news/russia-may-be-primied-to-hack-americas-infrastructure-182256545.html(https://finance.yahoo.com/news/russia-may-be-primied-to-hack-americas-infrastructure-182256545.html)
​
Most cyber pros give thumbs down to the EARN IT Act
The Washington Post: Cybersecurity 202
Joseph Marks
February 23, 2022
https://www.washingtonpost.com/politics/2022/02/23/most-cyber-pros-give-thumbs-down-earn-it-act/(https://www.washingtonpost.com/politics/2022/02/23/most-cyber-pros-give-thumbs-down-earn-it-act/)
​
Tracking cyber’s role in the Russia-Ukraine conflict
Politico
Sam Sabin
02/14/2022
https://www.politico.com/newsletters/weekly-cybersecurity/2022/02/14/tracking-cybers-role-in-the-russia-ukraine-conflict-00008520(https://www.politico.com/newsletters/weekly-cybersecurity/2022/02/14/tracking-cybers-role-in-the-russia-ukraine-conflict-00008520)
​
Senators aren't swayed by Apple's security arguments
The Washington Post: Cybersecurity 202
Joseph Marks
February 4, 2022
https://www.washingtonpost.com/politics/2022/02/04/senators-arent-swayed-by-apple-security-arguments/(https://www.washingtonpost.com/politics/2022/02/04/senators-arent-swayed-by-apple-security-arguments/)
​
New DHS Cyber Safety Review Board will investigate major incidents 
CNN
Geneva Sands and Sean Lyngaas
February 3, 2022
https://www.cnn.com/2022/02/03/politics/dhs-cybersecurity-review-board-major-incidents/index.html(https://www.cnn.com/2022/02/03/politics/dhs-cybersecurity-review-board-major-incidents/index.html)
​
Homeland Security establishes the Cyber Safety Review Board to learn the mistakes from past cyber incidents
TechCrunch
 Carly Page
February 3, 2022
https://techcrunch.com/2022/02/03/homeland-security-cyber-safety-review-board/(https://techcrunch.com/2022/02/03/homeland-security-cyber-safety-review-board/)
​
Is Russia or China the biggest cyber threat? Experts are split
The Washington Post: Cybersecurity 202
Joseph Marks
January 20, 2022
https://www.washingtonpost.com/politics/2022/01/20/is-russia-or-china-biggest-cyber-threat-experts-are-split/(https://www.washingtonpost.com/politics/2022/01/20/is-russia-or-china-biggest-cyber-threat-experts-are-split/)
​
Google says open source software should be more secure
The Register
Thomas Claburn
January 14, 2022
https://www.theregister.com/2022/01/14/google_says_open_source_software/(https://www.theregister.com/2022/01/14/google_says_open_source_software/)
​
The FTC Wants Companies to Find Log4j Fast. It Won't Be So Easy
Wired
Chris Stokel-Walker
January 10, 2022
https://www.wired.co.uk/article/lo4j-ftc-vulnerability(https://www.wired.co.uk/article/lo4j-ftc-vulnerability)

Question 3

2021

Accepted Answer

Agencies get Christmas Eve deadline to address ‘extremely concerning’ vulnerability
Federal News Network
Justin Doubleday
 December 15, 2021
https://federalnewsnetwork.com/cybersecurity/2021/12/agencies-get-christmas-eve-deadline-to-address-extremely-concerning-vulnerability/(https://federalnewsnetwork.com/cybersecurity/2021/12/agencies-get-christmas-eve-deadline-to-address-extremely-concerning-vulnerability/)
​
US government to offer up to $5,000 'bounty' to hackers to identify cyber vulnerabilities
CNN
Geneva Sands
 December 14, 2021
https://www.cnn.com/2021/12/14/politics/dhs-bug-bounty-hackers-cyber-vulnerabilities/index.html(https://www.cnn.com/2021/12/14/politics/dhs-bug-bounty-hackers-cyber-vulnerabilities/index.html)
​
A Log4J Vulnerability Has Set the Internet 'On Fire'
Wired Magazine
Lily Hay Newman
December 10, 2021
https://www.wired.com/story/log4j-flaw-hacking-internet/(https://www.wired.com/story/log4j-flaw-hacking-internet/)
​
Vast majority of our Network cyber experts favor mandates to report hacks
The Washington Post: Cybersecurity 202
Joseph Marks
December 6, 2021
https://www.washingtonpost.com/politics/2021/12/06/vast-majority-our-network-cyber-experts-favor-mandates-report-hacks/(https://www.washingtonpost.com/politics/2021/12/06/vast-majority-our-network-cyber-experts-favor-mandates-report-hacks/)
​
The Matrix Is the Best Hacker Movie
Wired Magazine
Andy Greenberg
December 1, 2021
https://www.wired.com/story/matrix-best-hacker-movie/(https://www.wired.com/story/matrix-best-hacker-movie/)
​
Q&A: Ciaran Martin
InfoSecurity Magazine
Eleanor Dallaway
November 25, 2021
https://www.infosecurity-magazine.com/interviews/qa-ciaran-martin/(https://www.infosecurity-magazine.com/interviews/qa-ciaran-martin/)
​
NIST workshop provides clues to upcoming software supply chain security guidelines
CSO Magazine(https://www.csoonline.com/author/Cynthia-Brumfield/)
Cynthia Brumfield(https://www.csoonline.com/author/Cynthia-Brumfield/)
November 23, 2021
https://www.csoonline.com/article/3641888/nist-workshop-provides-clues-to-upcoming-software-supply-chain-security-guidelines.html(https://www.csoonline.com/article/3641888/nist-workshop-provides-clues-to-upcoming-software-supply-chain-security-guidelines.html)
​
Reporter who notified Missouri officials of website flaw did 'nothing out of line,' emails show
StateScoop
Benjamin Freed
October 27, 2021
https://statescoop.com/missouri-parson-reporter-did-nothing-wrong/(https://statescoop.com/missouri-parson-reporter-did-nothing-wrong/)
 
The U.S. cyber workforce gap is getting bigger
The Washington Post / Cybersecurity 202
Joseph Marks
October 26, 2021
https://www.washingtonpost.com/politics/2021/10/26/us-cyber-workforce-gap-is-getting-bigger/(https://www.washingtonpost.com/politics/2021/10/26/us-cyber-workforce-gap-is-getting-bigger/)
​
Announcing the 2021 CyberScoop 50 awards winners
CyberScoop
Staff
October 18, 2021
https://www.cyberscoop.com/announcing-2021-cyberscoop-50-award-winners/(https://www.cyberscoop.com/announcing-2021-cyberscoop-50-award-winners/)
 
Missouri governor accuses newspaper of 'hacking' state website
StateScoop
Benjamin Freed
October 14, 2021
https://statescoop.com/missouri-parson-accuses-newspaper-hacking/(https://statescoop.com/missouri-parson-accuses-newspaper-hacking/)
​
Zero-day hunters seek laws to prevent vendors suing them for helping out and doing their jobs
The Register
Simon Sharwood
October 11, 2021
https://www.theregister.com/2021/10/11/cyan_zero_day_legislative_project/(https://www.theregister.com/2021/10/11/cyan_zero_day_legislative_project/)
​
Apple admits iOS 15 has unpatched iPhone security flaws
BGR
Yoni Heisler
 September 28, 2021
https://bgr.com/tech/apple-admits-ios-15-has-unpatched-iphone-security-flaws/(https://bgr.com/tech/apple-admits-ios-15-has-unpatched-iphone-security-flaws/)
​
Apple ‘Still Investigating’ Unpatched and Public iPhone Vulnerabilities
VICE
Lorenzo Franceschi-Bicchierai(https://app.criticalmention.com/app/#/contacts/reporters/06d20372-1d95-48e9-ab8e-f63f1e572a8b)
September 27, 2021
https://www.vice.com/en/article/g5gan4/apple-still-investigating-unpatched-and-public-iphone-vulnerabilities(https://www.vice.com/en/article/g5gan4/apple-still-investigating-unpatched-and-public-iphone-vulnerabilities)
​
An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Forbes
Thomas Brewster
September 17, 2021
https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/?sh=10cc480e7009(https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/?sh=10cc480e7009)
​
It's not just you: Emergency software patches are on the rise
NBC News
Kevin Collier
September 14, 2021
https://www.nbcnews.com/news/amp/rcna2012(https://www.nbcnews.com/news/amp/rcna2012)
 
'Zero-day' hacks, like the one that forced Apple’s emergency update, are on the rise
Yahoo! News
Kevin Collier
September 14, 2021
https://news.yahoo.com/not-just-emergency-software-patches-210914306.html(https://news.yahoo.com/not-just-emergency-software-patches-210914306.html)
​
Apple's bug bounty program is coming under criticism - here's why
MSN
Mayank Sharma
September 10, 2021
https://www.msn.com/en-us/news/technology/apples-bug-bounty-program-is-coming-under-criticism-heres-why/ar-AAOixSp(https://www.msn.com/en-us/news/technology/apples-bug-bounty-program-is-coming-under-criticism-heres-why/ar-AAOixSp)
 
Infosec researchers say Apple’s bug-bounty program needs work
Ars Technica
Jim Salter
September 9, 2021
https://arstechnica.com/information-technology/2021/09/infosec-researchers-say-apples-bug-bounty-program-needs-work/(https://arstechnica.com/information-technology/2021/09/infosec-researchers-say-apples-bug-bounty-program-needs-work/)
​
Apple pays hackers six figures to find bugs in its software. Then it sits on their findings.
The Washington Post
Reed Albergotti
September 9, 2021
https://www.washingtonpost.com/technology/2021/09/09/apple-bug-bounty/(https://www.washingtonpost.com/technology/2021/09/09/apple-bug-bounty/)
​
'Drive It Like You Stole It: When Bug Bounties Went Boom, Part Three 
Decipher
Dennis Fisher
September 1, 2021
https://duo.com/decipher/you-got-to-drive-it-like-you-stole-it-when-bug-bounties-went-boom-part-three(https://duo.com/decipher/you-got-to-drive-it-like-you-stole-it-when-bug-bounties-went-boom-part-three)
​
Uprising in the Valley: When Bug Bounties Went Boom, Part Two
Decipher
Dennis Fisher
August 31, 2021
https://duo.com/decipher/uprising-in-the-valley-when-bug-bounties-went-boom-part-two(https://duo.com/decipher/uprising-in-the-valley-when-bug-bounties-went-boom-part-two)
​
Lawyers, Bugs, and Money: When Bug Bounties Went Boom
Decipher
Dennis Fisher
August 30, 2021
https://duo.com/decipher/lawyers-bugs-and-money-when-bug-bounties-went-boom(https://duo.com/decipher/lawyers-bugs-and-money-when-bug-bounties-went-boom)
​
As Fortinet spars with Rapid7, what can everyone else learn about disclosure?
SC Media
Joe Uchill
August 18, 2021
https://www.scmagazine.com/analysis/vulnerability-management/as-fortinet-spars-with-rapid7-what-can-everyone-else-learn-about-disclosure(https://www.scmagazine.com/analysis/vulnerability-management/as-fortinet-spars-with-rapid7-what-can-everyone-else-learn-about-disclosure)
​
Apple says its CSAM scan code can be verified by researchers. Corellium starts throwing out dollar bills
The Register
Thomas Claburn
August 17, 2021
https://www.theregister.com/2021/08/17/corellium_apple_bounty/(https://www.theregister.com/2021/08/17/corellium_apple_bounty/)
 
Ministry of Defence makes first ever bounty payments to hackers
Sky News
Alexander Martin
August 3, 2021
https://news.sky.com/story/ministry-of-defence-makes-first-ever-bounty-payments-to-hackers-12371510(https://news.sky.com/story/ministry-of-defence-makes-first-ever-bounty-payments-to-hackers-12371510)
​
A Controversial Tool Calls Out Thousands of Hackable Websites
Wired
Andy Greenberg
July 27, 2021
https://wired.me/technology/security/controversial-tool-punkspider-calls-out-hackable-websites/(https://wired.me/technology/security/controversial-tool-punkspider-calls-out-hackable-websites/)
​
The Cybersecurity 202: Cyber experts give Biden top marks at six months
The Washington Post
Joseph Marks
July 26, 2021
https://www.washingtonpost.com/politics/2021/07/26/cybersecurity-202-cyber-experts-give-biden-top-marks-six-months/(https://www.washingtonpost.com/politics/2021/07/26/cybersecurity-202-cyber-experts-give-biden-top-marks-six-months/)
​
So nice of China to put all of its network zero-day vulns in one giant database no one will think to break into
The Register
Iain Thomson
July 15, 2021
https://www.theregister.com/2021/07/15/china_vulnerability_law/(https://www.theregister.com/2021/07/15/china_vulnerability_law/)
​
Firm hacked to spread ransomware had previous security flaws
Associated Press
Matt O'Brien
July 13, 2021
https://apnews.com/article/europe-business-technology-hacking-db3e5f615629bb225259efaf7fdf378c(https://apnews.com/article/europe-business-technology-hacking-db3e5f615629bb225259efaf7fdf378c)
​
AWS launches BugBust contest: Help fix a $100m problem for a $12 tshirt
The Register
Thomas Claburn
June 25, 2021
https://www.theregister.com/2021/06/25/aws_bugbust_contest/(https://www.theregister.com/2021/06/25/aws_bugbust_contest/)
​
Cybersecurity Companies Join Forces Against Controversial DMCA 
SecurityWeek
Eduard Kovacs
June 24, 2021
https://www.securityweek.com/cybersecurity-companies-join-forces-against-controversial-dmca-section(https://www.securityweek.com/cybersecurity-companies-join-forces-against-controversial-dmca-section)
​
Katie Moussouris: Coordinated Vulnerability Disclosure and the Problem with Bug Bounty Platforms
TechSpective Podcast Episode 067
Tony Bradley
June 21, 2021
https://securityboulevard.com/2021/06/katie-moussouris-coordinated-vulnerability-disclosure-and-the-problem-with-bug-bounty-platforms/(https://securityboulevard.com/2021/06/katie-moussouris-coordinated-vulnerability-disclosure-and-the-problem-with-bug-bounty-platforms/)
​
Cybersecurity 202: The Biden administration aims big on cybersecurity spending
Washington Post
Joseph Marks
June 1, 2021
https://www.washingtonpost.com/politics/2021/06/01/cybersecurity-202-biden-administration-aims-big-cybersecurity-spending/(https://www.washingtonpost.com/politics/2021/06/01/cybersecurity-202-biden-administration-aims-big-cybersecurity-spending/)
​
NTIA Wants Feedback on Software Transparency Plan
NextGov
Mariam Baksh
June 1, 2021
https://www.nextgov.com/cybersecurity/2021/06/ntia-wants-feedback-plan-software-transparency-plan/174429/(https://www.nextgov.com/cybersecurity/2021/06/ntia-wants-feedback-plan-software-transparency-plan/174429/)
​
House bill would require federal contractors to put in place vulnerability disclosure programs
SC Media
Joe Uchill
June 1, 2021
https://www.scmagazine.com/home/government/bill-would-require-contractors-to-have-vulnerability-disclosure-programs/(https://www.scmagazine.com/news/regulation/bill-would-require-contractors-to-have-vulnerability-disclosure-programs)(https://www.scmagazine.com/news/regulation/bill-would-require-contractors-to-have-vulnerability-disclosure-programs)
​
Security experts break down exactly why you shouldn't share your passwords: 'It's really dangerous'
Yahoo! News
Korin Miller
May 20, 2021
https://news.yahoo.com/news/why-you-shouldnt-share-passwords-yahoo-subscriptions-011927368.html(https://news.yahoo.com/news/why-you-shouldnt-share-passwords-yahoo-subscriptions-011927368.html)
​
How to 'be vigilant' and protect your digital assets from getting hacked
Yahoo Finance
Alexis Keenan
April 29, 2021
https://finance.yahoo.com/news/how-to-protect-your-digital-assets-from-getting-hacked-164012380.html(https://finance.yahoo.com/news/how-to-protect-your-digital-assets-from-getting-hacked-164012380.html)
​
The Cybersecurity 202: Nearly two-thirds of cybersecurity experts think Biden’s response to Russian hack is sufficient
Washington Post
Tonya Riley
April 26, 2021
https://www.washingtonpost.com/politics/2021/04/26/cybersecurity-202-nearly-two-thirds-cybersecurity-experts-think-biden-response-russian-hack-is-sufficient/(https://www.washingtonpost.com/politics/2021/04/26/cybersecurity-202-nearly-two-thirds-cybersecurity-experts-think-biden-response-russian-hack-is-sufficient/)
 
In Appreciation: Dan Kaminsky
Dark Reading
Kelly Jackson Higgins
April 26, 2021
https://www.darkreading.com/vulnerabilities---threats/in-appreciation-dan-kaminsky/d/d-id/1340830?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple(https://www.darkreading.com/vulnerabilities---threats/in-appreciation-dan-kaminsky/d/d-id/1340830?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple)
​
A Clubhouse Bug Let People Lurk in Rooms Invisibly
Wired
Lily Hay Newman
April 21, 2021
https://www.wired.com/story/clubhouse-bug-lurkers-ghost/(https://www.wired.com/story/clubhouse-bug-lurkers-ghost/)
​
University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired
The Register
Thomas Claburn
April 21, 2021
https://www.theregister.com/2021/04/21/minnesota_linux_kernel_flaws_update/(https://www.theregister.com/2021/04/21/minnesota_linux_kernel_flaws_update/)
​
What to Do After a Data Breach
Consumer Reports
Yael Grauer
April 12, 2021
https://www.consumerreports.org/data-theft/what-to-do-after-a-data-breach/(https://www.consumerreports.org/data-theft/what-to-do-after-a-data-breach/)
​
For US cyber defense, helpful hackers are only half the battle
The Hill
Katie Moussouris Op-ed
March 17, 2021
https://thehill.com/opinion/technology/543464-for-us-cyber-defense-helpful-hackers-are-only-half-the-battle(https://thehill.com/opinion/technology/543464-for-us-cyber-defense-helpful-hackers-are-only-half-the-battle)
​
GitHub removes researcher's Exchange Server exploit, sparking industry debate
CyberScoop
Sean Lyngaas
March 11, 2021
https://www.cyberscoop.com/github-exploit-exchange-server-microsoft/(https://www.cyberscoop.com/github-exploit-exchange-server-microsoft/)
​
It’s Open Season for Microsoft Exchange Server Hacks
Wired
Lily Hay Newman
March 10, 2021
https://www.wired.com/story/microsoft-exchange-patch-hacks-ransomware/(https://www.wired.com/story/microsoft-exchange-patch-hacks-ransomware/)
​
Casting a wide intrusion net: Dozens of companies, agencies were burned with a single hack
The Dallas Morning News/Associated Press
Frank Bajak
March 8, 2021
https://www.dallasnews.com/business/2021/03/08/casting-a-wide-intrusion-net-dozens-of-companies-agencies-were-burned-with-a-single-hack/(https://www.dallasnews.com/business/2021/03/08/casting-a-wide-intrusion-net-dozens-of-companies-agencies-were-burned-with-a-single-hack/)
​
The Cybersecurity 202: Here's what cybersecurity experts think Biden should prioritize in his first 100 days
The Washington Post
Tonya Riley
February 1, 2021
https://www.washingtonpost.com/politics/2021/02/01/cybersecurity-202-here-what-cybersecurity-experts-think-biden-should-prioritize-his-first-100-days/(https://www.washingtonpost.com/politics/2021/02/01/cybersecurity-202-here-what-cybersecurity-experts-think-biden-should-prioritize-his-first-100-days/)
​
Apple warns of "remote attacker" security threat on iPhone and iPad, releases iOS 14.4 update
CBS News
Cassidy McDonald
January 27, 2021
https://www.cbsnews.com/news/apple-update-iphone-security-ios-14-4/(https://www.cbsnews.com/news/apple-update-iphone-security-ios-14-4/)
​
Survey says, women in cyber make 31 percent less than men
SC Magazine
Bradley Barth
January 6, 2021
https://www.scmagazine.com/women-in-it-security/survey-says-women-in-cyber-make-31-percent-less-than-men/(https://www.scmagazine.com/women-in-it-security/survey-says-women-in-cyber-make-31-percent-less-than-men/)

Question 4

2020

Accepted Answer

​Cyber leaders back Biden’s DHS pick
Politico
Martin Matishak
December 21, 2020
https://www.politico.com/newsletters/weekly-cybersecurity/2020/12/21/cyber-leaders-back-bidens-dhs-pick-792428(https://www.politico.com/newsletters/weekly-cybersecurity/2020/12/21/cyber-leaders-back-bidens-dhs-pick-792428)
​
The Cybersecurity 202: Trump took the nation in the wrong direction on cybersecurity, experts say
The Washington Post
Joseph Marks
December 15, 2020
https://www.washingtonpost.com/politics/2020/12/15/cybersecurity-202-trump-took-nation-wrong-direction-cybersecurity-experts-say/(https://www.washingtonpost.com/politics/2020/12/15/cybersecurity-202-trump-took-nation-wrong-direction-cybersecurity-experts-say/)
​
HackerOne, Verizon Media weigh pros and cons of making live hacking contests virtual
CyberScoop
Tim Starks
December 14, 2020
https://www.cyberscoop.com/hackerone-verizon-bug-bounties-hacking/(https://www.cyberscoop.com/hackerone-verizon-bug-bounties-hacking/)
​
U.S. Supreme Court to Weigh Anti-Hacking Law’s Limits on Access
Bloomberg Law
Andrea Vittorio
November 27, 2020
https://news.bloomberglaw.com/privacy-and-data-security/u-s-supreme-court-to-weigh-anti-hacking-laws-limits-on-access?context=article-related(https://news.bloomberglaw.com/privacy-and-data-security/u-s-supreme-court-to-weigh-anti-hacking-laws-limits-on-access?context=article-related)
​
S3 Ep8: A conversation with Katie Moussouris [Podcast]
Naked Security – Sophos
Paul Ducklin
November 25, 2020
https://nakedsecurity.sophos.com/2020/11/25/s3-ep8-a-conversation-with-katie-moussouris/(https://nakedsecurity.sophos.com/2020/11/25/s3-ep8-a-conversation-with-katie-moussouris/)
​
Firing of security official draws bipartisan rebuke
Axios
Ina Fried
November 18, 2020
https://www.axios.com/firing-security-official-christopher-krebs-draws-bipartisan-rebuke-18e6953a-ada3-421a-8c50-65b0ebc09ef5.html(https://www.axios.com/firing-security-official-christopher-krebs-draws-bipartisan-rebuke-18e6953a-ada3-421a-8c50-65b0ebc09ef5.html)
​
Trump Fires Christopher Krebs, Head of CISA
Bank Info Security
Jeremy Kirk
November 17, 2020
https://www.bankinfosecurity.com/trump-fires-christopher-krebs-head-cisa-a-15386(https://www.bankinfosecurity.com/trump-fires-christopher-krebs-head-cisa-a-15386)
​
How to Make the Most of Your Budding Cybersecurity Career
Government Technology
Cisco
November 12, 2020
https://www.govtech.com/security/How-to-Make-the-Most-of-Your-Budding-Cybersecurity-Career.html(https://www.govtech.com/security/How-to-Make-the-Most-of-Your-Budding-Cybersecurity-Career.html)
 
Zoom deceived users about the privacy of their calls, FTC
Mashable
Jack Morse
November 9, 2020
https://mashable.com/article/zoom-settlement-federal-trade-commission-encryption-misled-users/(https://mashable.com/article/zoom-settlement-federal-trade-commission-encryption-misled-users/)
​
Apple Fixes iOS Zero Day Flaws Found by Google
Bank Info Security
Jeremy Kirk
November 5, 2020
https://www.bankinfosecurity.com/apple-fixes-ios-zero-day-flaws-found-by-google-a-15317(https://www.bankinfosecurity.com/apple-fixes-ios-zero-day-flaws-found-by-google-a-15317)
 
Did a Security Researcher Really Access Trump’s Twitter Account?
PC Mag
Michael Kan
October 22, 2020
https://www.pcmag.com/news/did-a-security-researcher-really-access-trumps-twitter-account(https://www.pcmag.com/news/did-a-security-researcher-really-access-trumps-twitter-account)
 
Grindr's Bug Bounty Pledge Doesn't Translate to Security
Threatpost
Lindsey O’Donnell
October 6, 2020
https://threatpost.com/grindrs-bug-bounty-pledge-security/159893/(https://threatpost.com/grindrs-bug-bounty-pledge-security/159893/)
 
It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure
Threatpost
Tara Seals
September 11, 2020
https://threatpost.com/giggle-managing-expectations-vulnerability-disclosure/159039/(https://threatpost.com/giggle-managing-expectations-vulnerability-disclosure/159039/)
​
CISA Issues Final Order on Federal Vulnerability Disclosure, But Questions Remain
Dennis Fisher
Decipher
September 4, 2020
https://duo.com/decipher/cisa-issues-final-order-on-federal-vulnerability-disclosure-but-questions-remain(https://duo.com/decipher/cisa-issues-final-order-on-federal-vulnerability-disclosure-but-questions-remain)
 
Fb to warn third-party developers of vulnerable code
TechCrunch
Zack Whittaker & Sarah Perez
September 3, 2020
https://techcrunch.com/2020/09/03/facebook-vulnerable-code/(https://techcrunch.com/2020/09/03/facebook-vulnerable-code/)
 
Homeland Security demands a 911 for reporting security holes in federal networks: 'Vulns in internet systems cause real-world impacts'
Thomas Claburn
The Register
September 2, 2020
https://www.theregister.com/2020/09/03/us_bug_bounty/(https://www.theregister.com/2020/09/03/us_bug_bounty/)
​
So You Want to Build a Vulnerability Disclosure Program?
Mathew J. Schwartz
InfoRiskToday
August 20, 2020
https://www.inforisktoday.com/so-you-want-to-build-vulnerability-disclosure-program-a-14859(https://www.inforisktoday.com/so-you-want-to-build-vulnerability-disclosure-program-a-14859)
​
Microsoft forked out $13.7m in bug bounties. The reward program's architect thinks the money could be better spent
The Register
Shaun Nichols
August 4, 2020
https://www.theregister.com/2020/08/04/microsoft_137_bug_bounties/(https://www.theregister.com/2020/08/04/microsoft_137_bug_bounties/)

Repository of articles

News Archive

2021

2020

News & Info

Vulnerability Maturity | Bespoke Assessments | Bug Bounty | Security ROI