Collaborate Disseminate
If the social-media behemoth finds a bug in another platform’s code, the project has 90 days to remediate before Facebook goes public. Continue reading Facebook Debuts Third-Party Vulnerability Disclosure Policy
Project Zero vulnerability disclosures will now happen at 90 days, even if a patch becomes available before then. Continue reading Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy
Results of a NTIA survey published today show that researchers prefer open communication with vendors over financial compensation when it comes to vulnerability disclosure. Continue reading Bug Hunters Prefer Communication Over Compensation
St. Jude Medical yesterday filed a lawsuit alleging that Muddy Waters and Med Sec made false claims and attempted to manipulate St. Jude stock. Continue reading St. Jude Alleges False Claims, Stock Manipulation in Suit Against Med Sec, Muddy Waters