zero days

Government not ‘sitting on hundreds of zero days,’ former NSA official says

by Shaun Waterman • 2 years ago

“We disclose something like 90 percent of the vulnerabilities we find,” said Richard Ledgett.

Majority of iPhone users have yet to update iOS in wake of Pegasus discovery

by Chris Bing • 3 years ago

When news broke that three dangerous software vulnerabilities in Apple’s supremely popular mobile operating system were discovered by a collective team of researchers on August 24, the Cupertino, Calif.-based electronics giant sounded the alarm and quickly pushed out a remote security software update for iOS 9.3.5 to its customers. Apple’s reasonable concern, however, is apparently not shared by a majority of its customers, according to new data collected by San Francisco-based data analytics firm MixPanel.

Uncovered sophisticated spyware forces an iOS update

by Chris Bing • 3 years ago

A secretive, unique and ultimately powerful piece of malware designed to spy on a targets’ iPhone was found lurking on the digital communications of a prominent, Middle Eastern human rights activist, according to Citizen Lab​ who conducted research alongside cybersecurity firm LookOut​.

‘Gray hat’ cyber firm outbidding Apple for iOS zero days

by Shaun Waterman • 3 years ago

A Texas-based cybersecurity firm announced this week it will offer up to $500,000 for newly discovered security holes in Apple's iPhone operating system, iOS — effectively outbidding the tech giant's own bug bounty program just days after it was unveiled.

Expert: U.S. spies don’t have as many zero-days as you think

by Chris Bing • 3 years ago

The quantity of zero-day exploits stockpiled by the U.S. government is much less than what you may think, according to Jason Healey​, a Columbia University professor and former director for Cyber Infrastructure Protection at the White House.

How the U.S. government could disrupt the zero-day market

by Chris Bing • 3 years ago

The market for zero-days — a business largely focused on the indiscriminate sale of undisclosed security flaws — exists in a quasi-legal grey zone that must be curtailed by the U.S. government, according to a research paper released by D.C.-based think tank New America.

TwitterFacebookLinkedInRedditGoogle Gmail