Security Researchers Push for 'Bug Bounty Program of Last Resort'

[TechWeb]( Follow Dark Reading: [RSS]( February 08, 2021 LATEST SECURITY NEWS & COMMENTARY [Security Researchers Push for 'Bug Bounty Program of Last Resort']( An international program that pays out hefty sums for the discovery of software vulnerabilities could spur greater scrutiny of applications and lead to better security. [Spotify Hit With Another Credential-Stuffing Attack]( This marks the second credential-stuffing attack to hit the streaming platform in the last few months. [Cybercrime Goes Mainstream]( Organized cybercrime is global in scale and the second-greatest risk over the next decade. [Security in a Complex World]( Innovation and complexity can co-exist; the key is to use innovation to make ever-expanding complexity comprehensible and its effects predictable. [Microsoft Says It's Time to Attack Your Machine-Learning Models]( With access to some training data, Microsoft's red team recreated a machine-learning system and found sequences of requests that resulted in a denial-of-service. [Web Application Attacks Grow Reliant on Automated Tools]( Attackers often use automation in fuzzing attacks, injection attacks, fake bots, and application DDoS attacks. [MORE NEWS & COMMENTARY]( HOT TOPICS [Interview With a Russian Cybercriminal]( A LockBit ransomware operator shared with researchers why he became involved in cybercrime, how he chooses victims, and what's in his toolbox. [What I Wish I Knew at the Start of My InfoSec Career]( Security pros identify lessons learned that impact how they view infosec today. [Strengthening Zero-Trust Architecture]( Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries. [MORE]( EDITORS' CHOICE [7 Steps to Secure a WordPress Site]( Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth. [An Observability Pipeline Could Save Your SecOps Team]( Traditional monitoring approaches are proving brittle as security operations teams need better visibility into dynamic environments. LATEST FROM THE EDGE [AI and APIs: The A+ Answers to Keeping Data Secure and Private]( Many security leaders view regulations and internal processes designed to manage and secure data as red tape that hampers innovation. Nothing could be further from the truth. Tech Resources - [Improve MITRE ATT&CK Test Results for Endpoint Security Using Deception]( - [4 Steps to Achieving Comprehensive Kubernetes Security]( - [7 Experts on Implementing Azure Sentinel]( - [Prevent vs. Pay: A Better Ransomware Plan]( - [Nation-States and Their Supply-Chain Attack Strategy]( - [Annual Cybercrime Report - Cybersecurity Ventures]( - [Understanding Phishing: Account Takeover]( [ACCESS TECH LIBRARY NOW]( - [Drafting a Data Breach Response Playbook]( The cyber attackers hit their mark, and your sensitive databases have been breached: now what do you do? Whom should you call first? In this webinar, learn what processes and procedures, tools and techniques should go into your data breach ... - [Ten Keys to Better Security Data Analysis]( In this webinar, experts discuss ways to effectively collect and analyze large amounts of security data, enabling you to surface the threat and exploit information that you need to defend your enterprise. Speakers will also offer recommendations on how to ... [MORE WEBINARS]( FEATURED REPORTS - [Special Report: Understanding Your Cyber Attackers]( - [2020 State of Cybersecurity Operations and Incident Response]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [RSA Announces NetWitness Detect AI]( [New Report Reveals Significant Delays Revoking System Access, Impacting Security Risk]( [New Siemplify Research Reveals Shift to Remote Work Leads to More Threats, But Cybersecurity Postures Stronger Than Pre-Pandemic for Many]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)