Microsoft is planning to make its internally-used 'white-box fuzzing' bug-detection service available to external customers and partners.
Government ICS report reveals access control a major issue for sector along with nagging issues around poor code quality and cryptography.
The latest on the Yahoo breach, Germany's problem with WhatsApp-Facebook, Facebook's osquery tool for Windows, and Zerodium's $1.5M iOS bounty are all discussed.
The US Food and Drug Administration hasn't had an OPM-style breach, but it's left plenty of doors wide open, says government watchdog GAO.
Cisco inadvertently introduced a critical vulnerability in its email security appliances by forgetting to remove an internal testing interface from software releases made available to customers.
Building automation products from American Auto-Matrix are affected by a couple of high-severity vulnerabilities that allow remote hackers to compromise the affected system, ICS-CERT warned on Thursday.
Private exploit seller Zerodium has tripled the price of iOS rewards -- and Android is on the radar, too.
The RIG exploit kit recently stopped distributing Tofsee and cybercriminals have decided to use the botnet’s own spamming capabilities to deliver the malware, Cisco’s Talos team reported on Thursday.
While Health Minister Sussan Ley has apologised for the breach in de-identified medical data, Australia's Attorney-General has come under fire for 'rushing' through legislation.
ZERODIUM, a leading zero-day exploit broker, has published its revised bounty figures for the amount it will pay for new zero-days. The highest figure is reserved for iOS - now up to $1.5 million for "fully functional/reliable exploits meeting ZERODIUM's requirements". It was 'only' $500,000 in September 2015.