Dennis Fisher and Mike Mimoso talk about the major stories from the last couple of weeks, including the changes to the Microsoft bug bounty program, the new Internet bug bounty, the Apple transparency report and a new paper on a weakness in Bitcoin.
Browsing Category: Compliance
As promised, Yahoo formally kicked off its bug bounty program late last week, aiming to correct what many in the security industry viewed as a misstep after handing out a paltry $12.50 credit to a researcher in September for discovering a cross-site scripting error.
Dennis Fisher talks with Katie Moussouris of Microsoft about her childhood exploits with Commodore 64 programming, ignoring her Barbies, growing up as a hacker, her days as a pen tester and the challenges of working on security at Microsoft.
Dennis Fisher talks with Gary McGraw of Cigital about the progress of the BSIMM software security measurement model and how development organizations are addressing the challenges of securing their software.
Dennis Fisher talks with Jeremiah Grossman about his days cobbling together old x86 machines, designing Web sites in the heyday of the spinning GIF, becoming Yahoo’s first hacker and then founding WhiteHat Security.
A Tennessee-based footwear and apparel company has filed a $13 million lawsuit against Visa for what it considers random, subjective penalties for being out of compliance with the Payment Card Industry (PCI) standard the credit card company regulates.
Genesco Inc., a Tennessee-based shoe retailer, is taking Visa to court in what is being reported as the first case challenging fines and penalties levied by the Payment Card Industry Data Security Standard (PCI DSS) under which Genesco was fined $13.3 million.
The entertainment industry is teaming with five major Internet service providers to launch this week a new Copyright Alert System that will first warn online pirates and then start to strangle the bandwidth of repeat offenders. Dubbed “Six Strikes,” the new system began rolling out Monday, putting consumers on notice that content owners would be monitoring for illegal downloading or uploading of copyrighted movies, music and television shows and notifying participating ISPs when such activity is detected.
Dennis Fisher talks with Ryan Naraine, the founding editor of Threatpost, about the Security Analyst Summit in San Juan, the reason why so many talks at security conferences sound the same and why surprise talks are so valuable.
A Maine-based company announced Thursday it fired an otherwise exemplary employee who downloaded medical data onto a jump drive and then lost the device while traveling between Salt Lake City, Denver and Washington, D.C.