In the exploit biz? FULL DISCLOSURE is your best friend, boffin says

Darren Pauli reports:

Auscert Security bod Alfonso De Gregorio says buyers and sellers in the cut-throat exploit marketplace should release their zero-days to the public if they are fleeced.

The BeeWise founder says full disclosure of security vulnerabilities helps punish both buyers who fail to pay or on-sell zero-days, and sellers who break contracts and re-sell exclusive exploits to multiple parties.

Read more on The Register.

US company with access to biggest telecom firms uncovers breach by nation-state hackers
Another plastic surgery practice fell prey to a cyberattack that acquired patient photos and info
How a hacking gang held Italy’s political elites to ransom
UN Cybercrime Convention to be signed in Hanoi to tackle global offences
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm

Related: