A mysterious company is offering up to $250,000 for virtual machine (VM) hacks. The “secret” bug bounty program was announced by Bugcrowd. A mysterious company makes the headlines for offering up to $250,000 for virtual machine (VM) hacks. The “secret” bug bounty program was announced by the crowdsourced security testing platform Bugcrowd. At the time I was writing the unique […]
An Italian expert discovered a critical Improper Authentication vulnerability affecting the UBER platform that allowed password reset for any account. The Italian security expert Vincenzo C., aka @Procode701, discovered 7 months ago a critical vulnerability in the UBER platform that allowed password reset for any Uber account. The researcher reported the ‘Improper Authentication’ vulnerability through the company […]
Yahoo awarded $7,000 to the bug hunter Michael Reizelman, aka mishre, for a Flickr account hijacking vulnerability. Reizelman was a popular bug hunter who discovered vulnerabilities in many web services, including Badoo, Dropbox, GitHub, Google, Imgur, Slack, Twitter, and Uber. The expert has discovered three vulnerabilities in the company’s image and video hosting service that could have been chained together […]
A security expert discovered a flaw in a ransomware protection service that opened the Uber service, and many others, to cyber attacks. The Russian penetration tester Vladimir Ivanov from the security firm Positive Technologies has discovered a vulnerability in the anti-ransomware backup service Code42. The flaw could be exploited by attackers to steal data from the organizations using […]
A flaw in Brave Browser could be exploited by attackers to trick users into visiting a fake or malicious website to serve either malware or conduct phishing attacks. Brave is an open source project that promises to block Internet greed and ugliness while improving speed and protecting privacy. Basically, it blocks ads containing pixels and cookies […]
US Army military experts urge the establishment of an Army Vulnerability Response Program (AVRP), a sort of military bug bounty program. What happens when bug hunters have to work in a highly sensitive environment? An interesting post published by the Cyber Defense Review raises the discussion about the way to handle vulnerabilities in the information security infrastructure of the […]
Patrick Wardle is a former NSA staffer turned security researcher; the expert explained that his main concern is that the Mac OS X security tools on the market are trivial and easy to bypass. One of the best-known applications on Macs is Gatekeeper, but Patrick says that Gatekeeper can be easily misguided […]
A critical Facebook flaw exposed the email address of any account; the discovery was made by Stephen Sclafani, security researcher and founder of PlayToWin. Another vulnerability menaces the privacy of Facebook users, allowing the disclosure of the primary email address of any account. Stephen Sclafani, security researcher and founder of PlayToWin, described the attack technique in a blog post titled […]
The hacker “fin1te” revealed that a Facebook account was hackable within a minute simply with an SMS. The bug management in the Bug Bounty program was excellent. Facebook hacked again; this time hackers did it without using any malicious code or user interaction. The UK-based security researcher “fin1te” revealed that the attack could compromise any Facebook […]