Luta Security in the News

Industry launches hacking policy council, legal defense fund to support security research and disclosures

SC Media

Derek B. Johnson

April 13, 2023

https://www.scmagazine.com/news/leadership/hacking-policy-council-launched-to-support-security-research-and-disclosures

​

Tech Companies Unveil New Hacking Policy Council, Legal Defense Fund for Researchers

Decipher

Dennis Fisher

April 13, 2023

https://duo.com/decipher/tech-companies-unveil-new-hacking-policy-council-legal-defense-fund-for-researchers

​

OpenAI launches bug bounty program with Bugcrowd

TechTarget

Alexander Culafi

April 12, 2023

https://www.techtarget.com/searchsecurity/news/365535122/OpenAI-launches-bug-bounty-program-with-Bugcrowd

 

Think ransomware gangs won't thrive this year? Think again, experts say

The Washington Post

Tim Starks

March 30, 2023

https://www.washingtonpost.com/politics/2023/03/30/think-ransomware-gangs-wont-thrive-this-year-think-again-experts-say/ 

​

Katie Moussouris on where bug bounties went wrong

Security Conversations

Ryan Naraine

December 8, 2022

https://securityconversations.com/episode/katie-moussouris-on-where-bug-bounties-went-wrong/

​

How to build a public profile as a cybersecurity pro

CSO

Samira Sarraf

November 29, 2022

https://www.csoonline.com/article/3680390/how-to-build-a-public-profile-as-a-cybersecurity-pro.html

​

For cyber experts, disinformation overshadows cyberthreats in midterms

The Washington Post: Cybersecurity 202

Tim Starks

October 31, 2022

https://www.washingtonpost.com/politics/2022/10/31/cyber-experts-disinformation-overshadows-cyberthreats-midterms/

​

This Hacker Is Trying to Close the Gender Pay Gap in Cybersecurity

VICE

Chloe Xiang

September 14, 2022

https://www.vice.com/en/article/xgyvza/this-hacker-is-trying-to-close-the-gender-pay-gap-in-cybersecurity

https://youtu.be/QgX_iKNbFaM

​

Bug Bounty Botox – Why You Need a Security Process First

InfoSecurity Magazine

Sean Michael Kerner 

August 12, 2022

https://www.infosecurity-magazine.com/news/bhusa-bug-bounty-botox/

​

For Bug Bounties, 'Knowing is less than half the battle'

Decipher

Dennis Fisher

August 11, 2022

https://duo.com/decipher/for-bug-bounties-knowing-is-less-than-half-the-battle

​

As Black Hat kicks off, the US government is getting the message on hiring security talent

The Register

Iain Thomson

August 10, 2022

https://www.theregister.com/2022/08/10/us_security_hiring/

​

Why Bug-Bounty Programs Are Failing Everyone

Dark Reading

Ericka Chickowski

July 29, 2022

https://www.darkreading.com/black-hat/why-bug-bounty-programs-failing-everyone

​

Experts: California lacked safeguards for gun owner info

Associated Press

Don Thompson

July 1, 2022

https://apnews.com/article/technology-california-gun-politics-violence-government-and-3a7b488f69a0ba949923ceb382c4838a

​

Security experts break down exactly why you shouldn't share your passwords: 'It's really dangerous'

Yahoo! News

May 10, 2022

https://www.yahoo.com/lifestyle/why-you-shouldnt-share-passwords-yahoo-subscriptions-011927368.html

​

Musk's plans to make Twitter's algorithms public raises disinformation conundrum

CyberScoop

Tonya Riley

April 26, 2022

https://www.cyberscoop.com/elon-musk-twitter-algorithm-open-source-disinfomation/

​

Attacking rival, Google says Microsoft’s hold on government security is a problem

NBC News

Kevin Collier

March 31, 2022

https://www.nbcnews.com/tech/security/attacking-rival-google-says-microsofts-hold-government-security-proble-rcna22159

​

Russia may be primed to hack America’s infrastructure

Yahoo! Finance

Daniel Howley

February 24, 2022

https://finance.yahoo.com/news/russia-may-be-primied-to-hack-americas-infrastructure-182256545.html

​

Most cyber pros give thumbs down to the EARN IT Act

The Washington Post: Cybersecurity 202

Joseph Marks

February 23, 2022

https://www.washingtonpost.com/politics/2022/02/23/most-cyber-pros-give-thumbs-down-earn-it-act/

​

Tracking cyber’s role in the Russia-Ukraine conflict

Politico

Sam Sabin

February 14, 2022

https://www.politico.com/newsletters/weekly-cybersecurity/2022/02/14/tracking-cybers-role-in-the-russia-ukraine-conflict-00008520

​

Senators aren't swayed by Apple's security arguments

The Washington Post: Cybersecurity 202

Joseph Marks

February 4, 2022

https://www.washingtonpost.com/politics/2022/02/04/senators-arent-swayed-by-apple-security-arguments/

​

New DHS Cyber Safety Review Board will investigate major incidents 

CNN

Geneva Sands and Sean Lyngaas

February 3, 2022

https://www.cnn.com/2022/02/03/politics/dhs-cybersecurity-review-board-major-incidents/index.html

​

Homeland Security establishes the Cyber Safety Review Board to learn the mistakes from past cyber incidents

TechCrunch

Carly Page

February 3, 2022

https://techcrunch.com/2022/02/03/homeland-security-cyber-safety-review-board/

​

Is Russia or China the biggest cyber threat? Experts are split

The Washington Post: Cybersecurity 202

Joseph Marks

January 20, 2022

https://www.washingtonpost.com/politics/2022/01/20/is-russia-or-china-biggest-cyber-threat-experts-are-split/

​

Google says open source software should be more secure

The Register

Thomas Claburn

January 14, 2022

https://www.theregister.com/2022/01/14/google_says_open_source_software/

​

The FTC Wants Companies to Find Log4j Fast. It Won't Be So Easy

Wired

Chris Stokel-Walker

January 10, 2022

https://www.wired.co.uk/article/lo4j-ftc-vulnerability

​

Agencies get Christmas Eve deadline to address ‘extremely concerning’ vulnerability

Federal News Network

Justin Doubleday

December 15, 2021

https://federalnewsnetwork.com/cybersecurity/2021/12/agencies-get-christmas-eve-deadline-to-address-extremely-concerning-vulnerability/

​

US government to offer up to $5,000 'bounty' to hackers to identify cyber vulnerabilities

CNN

Geneva Sands

December 14, 2021

https://www.cnn.com/2021/12/14/politics/dhs-bug-bounty-hackers-cyber-vulnerabilities/index.html

​

A Log4J Vulnerability Has Set the Internet 'On Fire'

Wired Magazine

Lily Hay Newman

December 10, 2021

https://www.wired.com/story/log4j-flaw-hacking-internet/

​

Vast majority of our Network cyber experts favor mandates to report hacks

The Washington Post: Cybersecurity 202

Joseph Marks

December 6, 2021

https://www.washingtonpost.com/politics/2021/12/06/vast-majority-our-network-cyber-experts-favor-mandates-report-hacks/

​

The Matrix Is the Best Hacker Movie

Wired Magazine

Andy Greenberg

December 1, 2021

https://www.wired.com/story/matrix-best-hacker-movie/

​

Q&A: Ciaran Martin

InfoSecurity Magazine

Eleanor Dallaway

November 25, 2021

https://www.infosecurity-magazine.com/interviews/qa-ciaran-martin/

​

NIST workshop provides clues to upcoming software supply chain security guidelines

CSO Magazine

Cynthia Brumfield

November 23, 2021

https://www.csoonline.com/article/3641888/nist-workshop-provides-clues-to-upcoming-software-supply-chain-security-guidelines.html

​

Reporter who notified Missouri officials of website flaw did 'nothing out of line,' emails show

StateScoop

Benjamin Freed

October 27, 2021

https://statescoop.com/missouri-parson-reporter-did-nothing-wrong/

 

The U.S. cyber workforce gap is getting bigger

The Washington Post / Cybersecurity 202

Joseph Marks

October 26, 2021

https://www.washingtonpost.com/politics/2021/10/26/us-cyber-workforce-gap-is-getting-bigger/

​

Announcing the 2021 CyberScoop 50 awards winners

CyberScoop

Staff

October 18, 2021

https://www.cyberscoop.com/announcing-2021-cyberscoop-50-award-winners/

 

Missouri governor accuses newspaper of 'hacking' state website

StateScoop

Benjamin Freed

October 14, 2021

https://statescoop.com/missouri-parson-accuses-newspaper-hacking/

​

Zero-day hunters seek laws to prevent vendors suing them for helping out and doing their jobs

The Register

Simon Sharwood

October 11, 2021

https://www.theregister.com/2021/10/11/cyan_zero_day_legislative_project/

​

Apple admits iOS 15 has unpatched iPhone security flaws

BGR

Yoni Heisler

September 28, 2021

https://bgr.com/tech/apple-admits-ios-15-has-unpatched-iphone-security-flaws/

​

Apple ‘Still Investigating’ Unpatched and Public iPhone Vulnerabilities

VICE

Lorenzo Franceschi-Bicchierai

September 27, 2021

https://www.vice.com/en/article/g5gan4/apple-still-investigating-unpatched-and-public-iphone-vulnerabilities

​

An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan

Forbes

Thomas Brewster

September 17, 2021

https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/?sh=10cc480e7009

​

It's not just you: Emergency software patches are on the rise

NBC News

Kevin Collier

September 14, 2021

https://www.nbcnews.com/news/amp/rcna2012

 

'Zero-day' hacks, like the one that forced Apple’s emergency update, are on the rise

Yahoo! News

Kevin Collier

September 14, 2021

https://news.yahoo.com/not-just-emergency-software-patches-210914306.html

​

Apple's bug bounty program is coming under criticism - here's why

MSN

Mayank Sharma

September 10, 2021

https://www.msn.com/en-us/news/technology/apples-bug-bounty-program-is-coming-under-criticism-heres-why/ar-AAOixSp

 

Infosec researchers say Apple’s bug-bounty program needs work

Ars Technica

Jim Salter

September 9, 2021

https://arstechnica.com/information-technology/2021/09/infosec-researchers-say-apples-bug-bounty-program-needs-work/

​

Apple pays hackers six figures to find bugs in its software. Then it sits on their findings.

The Washington Post

Reed Albergotti

September 9, 2021

https://www.washingtonpost.com/technology/2021/09/09/apple-bug-bounty/

​

'Drive It Like You Stole It': When Bug Bounties Went Boom, Part Three

Decipher

Dennis Fisher

September 1, 2021

https://duo.com/decipher/you-got-to-drive-it-like-you-stole-it-when-bug-bounties-went-boom-part-three

​

Uprising in the Valley: When Bug Bounties Went Boom, Part Two

Decipher

Dennis Fisher

August 31, 2021

https://duo.com/decipher/uprising-in-the-valley-when-bug-bounties-went-boom-part-two

​

Lawyers, Bugs, and Money: When Bug Bounties Went Boom

Decipher

Dennis Fisher

August 30, 2021

https://duo.com/decipher/lawyers-bugs-and-money-when-bug-bounties-went-boom

​

As Fortinet spars with Rapid7, what can everyone else learn about disclosure?

SC Media

Joe Uchill

August 18, 2021

https://www.scmagazine.com/analysis/vulnerability-management/as-fortinet-spars-with-rapid7-what-can-everyone-else-learn-about-disclosure

​

Apple says its CSAM scan code can be verified by researchers. Corellium starts throwing out dollar bills

The Register

Thomas Claburn

August 17, 2021

https://www.theregister.com/2021/08/17/corellium_apple_bounty/

 

Ministry of Defence makes first ever bounty payments to hackers

Sky News

Alexander Martin

August 3, 2021

https://news.sky.com/story/ministry-of-defence-makes-first-ever-bounty-payments-to-hackers-12371510

​

A Controversial Tool Calls Out Thousands of Hackable Websites

Wired

Andy Greenberg

July 27, 2021

https://wired.me/technology/security/controversial-tool-punkspider-calls-out-hackable-websites/

​

The Cybersecurity 202: Cyber experts give Biden top marks at six months

The Washington Post

Joseph Marks

July 26, 2021

https://www.washingtonpost.com/politics/2021/07/26/cybersecurity-202-cyber-experts-give-biden-top-marks-six-months/

​

So nice of China to put all of its network zero-day vulns in one giant database no one will think to break into

The Register

Iain Thomson

July 15, 2021

https://www.theregister.com/2021/07/15/china_vulnerability_law/

​

Firm hacked to spread ransomware had previous security flaws

Associated Press

Matt O'Brien

July 13, 2021

https://apnews.com/article/europe-business-technology-hacking-db3e5f615629bb225259efaf7fdf378c

​

AWS launches BugBust contest: Help fix a $100m problem for a $12 tshirt

The Register

Thomas Claburn

June 25, 2021

https://www.theregister.com/2021/06/25/aws_bugbust_contest/

​

Cybersecurity Companies Join Forces Against Controversial DMCA 

SecurityWeek

Eduard Kovacs

June 24, 2021

https://www.securityweek.com/cybersecurity-companies-join-forces-against-controversial-dmca-section

​

Katie Moussouris: Coordinated Vulnerability Disclosure and the Problem with Bug Bounty Platforms

TechSpective Podcast Episode 067

Tony Bradley

June 21, 2021

https://securityboulevard.com/2021/06/katie-moussouris-coordinated-vulnerability-disclosure-and-the-problem-with-bug-bounty-platforms/

​

Cybersecurity 202: The Biden administration aims big on cybersecurity spending

Washington Post

Joseph Marks

June 1, 2021

https://www.washingtonpost.com/politics/2021/06/01/cybersecurity-202-biden-administration-aims-big-cybersecurity-spending/

​

NTIA Wants Feedback on Software Transparency Plan

NextGov

Mariam Baksh

June 1, 2021

https://www.nextgov.com/cybersecurity/2021/06/ntia-wants-feedback-plan-software-transparency-plan/174429/

​

House bill would require federal contractors to put in place vulnerability disclosure programs

SC Media

Joe Uchill

June 1, 2021

https://www.scmagazine.com/home/government/bill-would-require-contractors-to-have-vulnerability-disclosure-programs/

​

Security experts break down exactly why you shouldn't share your passwords: 'It's really dangerous'

Yahoo! News

Korin Miller

May 20, 2021

https://news.yahoo.com/news/why-you-shouldnt-share-passwords-yahoo-subscriptions-011927368.html

​

How to 'be vigilant' and protect your digital assets from getting hacked

Yahoo Finance

Alexis Keenan

April 29, 2021

https://finance.yahoo.com/news/how-to-protect-your-digital-assets-from-getting-hacked-164012380.html

​

The Cybersecurity 202: Nearly two-thirds of cybersecurity experts think Biden’s response to Russian hack is sufficient

Washington Post

Tonya Riley

April 26, 2021

https://www.washingtonpost.com/politics/2021/04/26/cybersecurity-202-nearly-two-thirds-cybersecurity-experts-think-biden-response-russian-hack-is-sufficient/

 

In Appreciation: Dan Kaminsky

Dark Reading

Kelly Jackson Higgins

April 26, 2021

https://www.darkreading.com/vulnerabilities---threats/in-appreciation-dan-kaminsky/d/d-id/1340830?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

​

A Clubhouse Bug Let People Lurk in Rooms Invisibly

Wired

Lily Hay Newman

April 21, 2021

https://www.wired.com/story/clubhouse-bug-lurkers-ghost/

​

University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired

The Register

Thomas Claburn

April 21, 2021

https://www.theregister.com/2021/04/21/minnesota_linux_kernel_flaws_update/

​

What to Do After a Data Breach

Consumer Reports

Yael Grauer

April 12, 2021

https://www.consumerreports.org/data-theft/what-to-do-after-a-data-breach/

​

For US cyber defense, helpful hackers are only half the battle

The Hill

Katie Moussouris Op-ed

March 17, 2021

https://thehill.com/opinion/technology/543464-for-us-cyber-defense-helpful-hackers-are-only-half-the-battle

​

GitHub removes researcher's Exchange Server exploit, sparking industry debate

CyberScoop

Sean Lyngaas

March 11, 2021

https://www.cyberscoop.com/github-exploit-exchange-server-microsoft/

​

It’s Open Season for Microsoft Exchange Server Hacks

Wired

Lily Hay Newman

March 10, 2021

https://www.wired.com/story/microsoft-exchange-patch-hacks-ransomware/

​

Casting a wide intrusion net: Dozens of companies, agencies were burned with a single hack

The Dallas Morning News/Associated Press

Frank Bajak

March 8, 2021

https://www.dallasnews.com/business/2021/03/08/casting-a-wide-intrusion-net-dozens-of-companies-agencies-were-burned-with-a-single-hack/

​

The Cybersecurity 202: Here's what cybersecurity experts think Biden should prioritize in his first 100 days

The Washington Post

Tonya Riley

February 1, 2021

https://www.washingtonpost.com/politics/2021/02/01/cybersecurity-202-here-what-cybersecurity-experts-think-biden-should-prioritize-his-first-100-days/

​

Apple warns of "remote attacker" security threat on iPhone and iPad, releases iOS 14.4 update

CBS News

Cassidy McDonald

January 27, 2021

https://www.cbsnews.com/news/apple-update-iphone-security-ios-14-4/

​

Survey says, women in cyber make 31 percent less than men

SC Magazine

Bradley Barth

January 6, 2021

https://www.scmagazine.com/women-in-it-security/survey-says-women-in-cyber-make-31-percent-less-than-men/

​

Cyber leaders back Biden’s DHS pick

Politico

Martin Matishak

December 21, 2020

https://www.politico.com/newsletters/weekly-cybersecurity/2020/12/21/cyber-leaders-back-bidens-dhs-pick-792428

​

The Cybersecurity 202: Trump took the nation in the wrong direction on cybersecurity, experts say

The Washington Post

Joseph Marks

December 15, 2020

https://www.washingtonpost.com/politics/2020/12/15/cybersecurity-202-trump-took-nation-wrong-direction-cybersecurity-experts-say/

​

HackerOne, Verizon Media weigh pros and cons of making live hacking contests virtual

CyberScoop

Tim Starks

December 14, 2020

https://www.cyberscoop.com/hackerone-verizon-bug-bounties-hacking/

​

U.S. Supreme Court to Weigh Anti-Hacking Law’s Limits on Access

Bloomberg Law

Andrea Vittorio

November 27, 2020

https://news.bloomberglaw.com/privacy-and-data-security/u-s-supreme-court-to-weigh-anti-hacking-laws-limits-on-access?context=article-related

​

S3 Ep8: A conversation with Katie Moussouris [Podcast]

Naked Security – Sophos

Paul Ducklin

November 25, 2020

https://nakedsecurity.sophos.com/2020/11/25/s3-ep8-a-conversation-with-katie-moussouris/

​

Firing of security official draws bipartisan rebuke

Axios

Ina Fried

November 18, 2020

https://www.axios.com/firing-security-official-christopher-krebs-draws-bipartisan-rebuke-18e6953a-ada3-421a-8c50-65b0ebc09ef5.html

​

Trump Fires Christopher Krebs, Head of CISA

Bank Info Security

Jeremy Kirk

November 17, 2020

https://www.bankinfosecurity.com/trump-fires-christopher-krebs-head-cisa-a-15386

​

How to Make the Most of Your Budding Cybersecurity Career

Government Technology

Cisco

November 12, 2020

https://www.govtech.com/security/How-to-Make-the-Most-of-Your-Budding-Cybersecurity-Career.html

 

Zoom deceived users about the privacy of their calls, FTC

Mashable

Jack Morse

November 9, 2020

https://mashable.com/article/zoom-settlement-federal-trade-commission-encryption-misled-users/

​

Apple Fixes iOS Zero Day Flaws Found by Google

Bank Info Security

Jeremy Kirk

November 5, 2020

https://www.bankinfosecurity.com/apple-fixes-ios-zero-day-flaws-found-by-google-a-15317

 

Did a Security Researcher Really Access Trump’s Twitter Account?

PC Mag

Michael Kan

October 22, 2020

https://www.pcmag.com/news/did-a-security-researcher-really-access-trumps-twitter-account

 

Grindr's Bug Bounty Pledge Doesn't Translate to Security

Threatpost

Lindsey O’Donnell

October 6, 2020

https://threatpost.com/grindrs-bug-bounty-pledge-security/159893/

 

It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

Threatpost

Tara Seals

September 11, 2020

https://threatpost.com/giggle-managing-expectations-vulnerability-disclosure/159039/

​

CISA Issues Final Order on Federal Vulnerability Disclosure, But Questions Remain

Decipher

Dennis Fisher

September 4, 2020

https://duo.com/decipher/cisa-issues-final-order-on-federal-vulnerability-disclosure-but-questions-remain

 

Fb to warn third-party developers of vulnerable code

TechCrunch

Zack Whittaker & Sarah Perez

September 3, 2020

https://techcrunch.com/2020/09/03/facebook-vulnerable-code/

 

Homeland Security demands a 911 for reporting security holes in federal networks: 'Vulns in internet systems cause real-world impacts'

The Register

Thomas Claburn

September 2, 2020

https://www.theregister.com/2020/09/03/us_bug_bounty/

​

So You Want to Build a Vulnerability Disclosure Program?

InfoRiskToday

Mathew J. Schwartz

August 20, 2020

https://www.inforisktoday.com/so-you-want-to-build-vulnerability-disclosure-program-a-14859

​

Microsoft forked out $13.7m in bug bounties. The reward program's architect thinks the money could be better spent

The Register

Shaun Nichols

August 4, 2020

https://www.theregister.com/2020/08/04/microsoft_137_bug_bounties/
