Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

UK Spy Agency Joins NSA in Sharing Zero-Day Disclosure Process

GCHQ Joins the NSA in Publishing its Vulnerabilities Equities Process

On November 15, 2017, the U.S. government made public its vulnerability equities process (VEP). This is the process used to decide whether a government agency should disclose a discovered vulnerability or keep it secret for its own purposes. Exactly one year and two weeks later, the UK government did similar, disclosing its ownEquities Process.

The issue at stake is summarized by Dr Ian Levy, technical director at the UK's National Cyber Security Centre (NCSC), which is part of the Government Communications Headquarters (GCHQ) intelligence agency. “When we find a security problem, we need to decide what to do. Our default is to tell the vendor and have them fix it, but sometimes - after weighing up the implications - we decide to keep the fact of the vulnerability secret and develop intelligence capabilities with it.”

Both governments admit to stockpiling vulnerabilities. This is not open to discussion –...(continued)

View All Trending Stories