DHS questions vulnerability disclosure program
Undiscovered vulnerabilities in agency information systems could be exploited by nation-states or hackers.
Report: Two Interior Department agencies riddled with IT vulnerabilities
Thousands of critical and high-risk vulnerabilities were identified on IT assets at the Bureau of Indian Affairs and Bureau of Indian Education, according to an inspector general report released to the public.
Google aims to fix XSS, make the web safer
Ninety-five percent of the one billion websites Google scanned recently were vulnerable to Cross-Site Scripting, or XSS, attacks, allowing hackers to load malicious code onto the computers of anyone who visited their page. This week the company issued tools to help web developers identify and mitigate XSS vulnerabilities.
Critical vulnerability discovered in MySQL application
A researcher has discovered a critical security flaw in the world's most widely used open-source database application — one that could allow hackers to completely take over a web server.
Former White House cyber director: Expect another Shadow Brokers incident
Another Shadow Brokers-like incident — in which unprecedented, older software vulnerabilities are indiscriminately posted online for everyone to see — should be expected in the “near future,” said former White House National Security Council Senior Director for Cybersecurity Ari Schwartz.
Smart plug leaves big holes in home network security
Users of a smartphone-controlled web-connected plug that switches power off and on to electrical devices are putting the security of their home wi-fi networks at risk because of shoddy coding, researchers said Thursday.