Positive Security News - Edition 6
We're back for more cyber-positivity!
No More Ransom website celebrates five years of providing free ransomware recovery tools and advice The No More Ransom Project has saved many businesses and individuals from paying ransoms to criminals or simply losing their digital belongings. Apparently, free ransomware decryption tools have been downloaded from their webpage over six million times. This figure shows the state of play of ransomwares impact on the digital world. At least No More Ransom offers some respite and this week, it celebrates it's fifth birthday! Legends. Source: GrahamCluley.com
Google revamps bug bounty program Here's another article which focuses on the positive side of the cybersecurity industry. On one hand, we have a whole industry of cyber criminals finding bugs/vulnerabilities in order to commit crime. On the other, we have bug bounty programs which reward security researchers for responsibly disclosing such bugs and therefore reducing the chances of them being misused. Google alone have paid out for 11,000 bugs in under eleven years. And, $29 million is quite a pile of cash. Google's new "Bug Hunter University" will incorporate "a bit of healthy competition through gamification, per-country leader boards, awards/badges for certain bugs and more". Let the hunting begin! Source: The Register
Respect in Security initiative aims to build reporting lines for infosec bods suffering harassment at work, conferences and online Rather than paraphrasing, I'll share the following extracts from the Respect in Security website: "Around a third of cybersecurity professionals have had personal experience of harassment online (32%) and in-person (35%), according to a study from Respect in Security — a new initiative set up to support victims and encourage coordinated industry action to tackle the problem. Respect in Security’ stands against harassment both online and in the workplace. Founded by a group of cybersecurity professionals who have decided to take a stand against all forms of harassment within our industry, ‘Respect in Security’ offers organisations the opportunity to formally pledge their commitment to creating a workplace and professional community free from harassment and fear. We also aim to give victims and potential victims the knowledge that the industry they have chosen does not support these behaviours, and to arm people entering cybersecurity with the knowledge that their peers and employers are there to support them should they ever be targeted." Source: RespectInSecurity.org