An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest.
An IP address parsing flaw in the netmask NPM module affects hundreds of thousands of applications that rely on it. But that may be just the tip of the iceberg, researchers warn.
A serious flaw in Zoom’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after they were supposedly deleted.
The work of vulnerability research has changed a lot in the last two decades. In this episode, Security Ledger Podcast host Paul Roberts chats with the independent researcher known as “Sick Codes” about the growing risk of open source supply chain hacks, his method for bug hunting and what projects are in the pipeline for 2021.
In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also: we talk with Avesta Hojjati of the firm Digicert about the challenge of managing a growing population of digital certificates and how automation may be an answer.
