A new web portal is aiding cyber-threat incident responders by detailing vulnerabilities in popular malware, but its existence is causing debate among security professionals. Although intelligence sharing within the cyber-security community is vital, some community members have valid concerns about the publication of malware details. These include a potential loss of valuable intelligence for researchers conducting secretive operations. In addition, the vulnerabilities’ details could benefit cyber-threat actors who are pursuing constant improvements to their malicious tools. The portal, created by bug bounty hunter John Page, has yet to become popular; if it evolves into a primary resource for network defenders, it will inevitably also benefit their adversaries.
The North Korean advanced persistent threat (APT) group “ZINC” has been targeting cyber-security profession...
Most Recent Flipbooks
Main story: Uber compromised by Lapsus$'s resurgence
Main story: Cyber attacks shock the Italian energy sector
Main story: Back to school for students and ransomware groups
Main story: LastPass suffers source code data breach
Main story: LockBit under DDoS attack: Entrust strikes back?
Main Story: Cisco defies extortion attempts after network breach
Main story: Cybercriminals scramble for new hiding places after 911 proxy service folds
Main story: Free-to-use Redeemer opens doors for ransomware enthusiasts
Main story: LockBit launches new version, welcomes bug hunters
Main story: Attackers seize Microsoft zero-day for malware dissemination, espionage