responsible disclosure – WindowsTechs.com

US government warning! What if anyone could open your garage door?

Posted on April 5, 2023 by Paul Ducklin

Posted on December 2, 2021 by Paul Ducklin

“Must be at least THIS tall to go on ride” seems to be the starting point. Too little, too late? Or better than nothing? Continue reading IoT devices must “protect consumers from cyberharm”, says UK government→

Posted on March 10, 2021 by Graham Cluley

Platform engineer and open source enthusiast Rob Dyke says that he’s found himself in a sticky pickle.

You see, in late February he discovered two public repositories on Github which contained code for an application, API keys, usernames nad passwor… Continue reading Told your organisation is leaking data? Here’s how not to respond→

Posted on February 15, 2021 by Paul Ducklin

Posted on June 1, 2020 by Paul Ducklin

A bug bounty hunter found a way to login using “Sign in with Apple”… but without the part where you have to put in a password. Continue reading No password required! “Sign in with Apple” account takeover flaw patched→

Posted on January 29, 2020 by Lisa Vaas

… with a clumsily worded proposed bill that wouldn’t protect researchers. Continue reading Let’s make ransomware MORE illegal, says Maryland→

Posted on January 9, 2020 by Danny Bradbury

Google’s Project Zero bug-hunting team has tweaked its 90-day responsible disclosure policy to help improve the quality and adoption of vendor patches. Continue reading Google’s Project Zero highlights patch quality with policy tweak→

Posted on December 2, 2019 by Danny Bradbury

All you bug hunters out there are about to get a nice Christmas gift – the US federal government finally wants to hear from you. Continue reading Uncle Sam opens arms to friendly hackers→

Posted on October 9, 2019 by Lisa Vaas

TOMS seems like a really nice shoe company, and it just got hacked in a really nice way. But it’s still a hack. Continue reading TOMS hacker tells people to log off and enjoy a screenless day→