Bugcrowd Blog

NIST: Vulnerability Disclosure as a Requirement for Every Organization

Posted by Jonathan Cran on Jan 18, 2018 12:11:38 PM

Earlier this month, the National Institute of Standard and Technology’s (NIST) cybersecurity framework released a revision (1.1, Draft 2) of its Framework for Improving Critical Infrastructure Cybersecurity. The new release now includes vulnerability disclosure processes as part of the Framework Core (on page 43).

Read More
Thought leadership, Cybersecurity News

MacOS High Sierra: Getting to the Root of the Problem

Posted by Keith Hoodlet on Nov 28, 2017 2:49:41 PM

What we know so far

Earlier today it was publicly disclosed that Apple’s MacOS High Sierra contains a trivially-exploitable flaw, which allows malicious individuals to generate a persistent root access account to your system. It is not readily apparent whether or not this vulnerability is remotely exploitable, but out an of abundance of caution there are several steps you can take immediately to protect your system.

Read More
Interesting, Thought leadership, Cybersecurity News