2019/03/14: Tribune de Genève's article on the vulnerability found by Sarah Jamie Lewis, Olivier Perreira and Vanessa Teague in Swiss Post e-voting systemRead more
2017/07 : The U.S. Department of Justice created a Framework for a Vulnerability Disclosure Program for Online Systems.Read more
2010/07/20 : Dennis Fisher writes on the new adjustment of the price of Google bug rewards.
This artifact is part of the Google Vulnerability Report Bundle.Read more
1993/12/02 : Dan Farmer and Wietse Venema published this paper about improving the security of websites by breaking into it.
By this publication, authors wished they "can increase security by raising awareness."(p.16-17)
They also explain the...Read more
2010/07/22 : "Today on the MSRC [Microsoft Security Response Center] blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated...Read more
2019/02/22: Scytl statement concerning rumors of Swiss Post leaked source code. This addresses the cases of unofficial diffusion of source code and unofficial criticsRead more
2005/12/07 : Andrew Cencini, Kevin Yu, Tony Chan write upon the different choices of vulnerability disclosures.
"When a software vulnerability is discovered by a third party, the complex question of who, what...Read more
2018/05/24: Article on EFAIL vulnerability, email vulnerabilities and the patching of those vulnerabilities. It questions the safety of emails in generalRead more
2018(05/14: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more
1995 : The program SATAN (Security Administrator Tool for Analysing Networks) had been written to scan a Unix host on a network and then issue a report about known security vulnerabilities as well as possible fixes. It was the first vulnerability scanning program which...Read more