all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Adventures in Disclosure: When Reporting Bugs Goes Wrong

Add to bookmarks
June 8, 2023, 3:46 p.m. | Dustin Childs

Zero Day Initiative - Blog www.zerodayinitiative.com

The Zero Day Initiative (ZDI) is the world’s largest vendor-agnostic bug bounty program. That means we purchase bug reports from independent security researchers around the world in Microsoft applications, Adobe, Cisco, Apple, IBM, Dell, Trend Micro, SCADA systems, etc. We don’t buy every bug report submitted, but we buy a lot of bugs. Of course, this means we disclose a lot of bugs. And not every disclosure goes according to plan.

Why Disclose at All?

This is a fine place …

adobe adventures apple applications blog post bounty bug bug bounty bug bounty program bugs cisco dell disclosure don etc ibm initiative micro microsoft program report reporting reports researchers scada scada systems security security researchers systems trend trend micro vendor world zdi zero day initiative

Visit resource

More from www.zerodayinitiative.com / Zero Day Initiative - Blog

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability 1 week, 6 days ago | www.zerodayinitiative.com
amp blog post bug code +25
The April 2024 Security Updates Review 3 weeks ago | www.zerodayinitiative.com
adobe april blog post can +12
Pwn2Own Vancouver 2024 - Day Two Results 1 month, 1 week ago | www.zerodayinitiative.com
blog post chrome edge event +10
Pwn2Own Vancouver 2024 - Day One Results 1 month, 1 week ago | www.zerodayinitiative.com
blog blog post browser day one +11
Pwn2Own Vancouver 2024 - The Full Schedule 1 month, 1 week ago | www.zerodayinitiative.com
blog post
The March 2024 Security Update Review 1 month, 2 weeks ago | www.zerodayinitiative.com
adobe blog post can check +14
CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability 1 month, 3 weeks ago | www.zerodayinitiative.com
arbitrary file write blog post bug crlf injection +26
The February 2024 Security Update Review 2 months, 2 weeks ago | www.zerodayinitiative.com
adobe blog post february latest +11
CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability 2 months, 3 weeks ago | www.zerodayinitiative.com
avalanche blog post code code execution +32

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom
View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands
View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila
View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com
View more jobs