Browsing tag

Bug Bounty

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

A security researcher claims to have discovered an unpatched vulnerability in PayPal’s money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed transactions with a single click. Clickjacking, also called UI redressing, refers to a technique wherein an unwitting user is tricked into clicking seemingly innocuous webpage elements like buttons with […]

Hackers could access photos, videos without unlocking your phone

The vulnerability existed in the Facebook Messenger Rooms video chat feature and exposed Android smartphone users to intrusion. Nepalese security researcher Samip Aryal has identified a security vulnerability in the Facebook Messenger Rooms video chat feature that lets attackers access any user’s private Facebook photos and videos or submit posts on their behalf. Astonishingly, this feat can […]

webscreenshot.py | A Simple script that aids in testing large websites

Web Screenshot – webscreenshot.py is a great tool which comes in handy when a penetration tester needs to quickly identify potential vulnerabilities on a massive website. Installation and usage: The installation is a straightforward process; you just have to clone the GitHub repository: The usage is as simple as providing the -i option with […]

Xiaomi, Amazon Echo, Sony & Samsung Smart TVs pwned at Pwn2Own

Hackathons happen to be an all-out favorite for the cybersecurity industry for their renewed sense of competing in real time, testing your skillset against the best. Pwn2Own, one such yearly conference, kicked off today in Tokyo with teams competing in exploiting bugs in the systems of well-reputed companies. Pwn2Own follows an infrastructure in which if […]

Zerodium to pay up to $2.5 million for reporting 0-day Android exploits

Zero-day Android exploits are now more valuable than iOS exploits. The infosec and premium zero-day acquisition platform Zerodium, known for selling zero-day exploits to governments, has announced that it will be paying a huge amount of money to buy zero-day Android exploits. In total, the company will pay up to a whopping $2.5 million to […]

Apple Expands Bug Bounty Program To macOS; Rewards Up To $1 Million

Three years ago, Apple debuted its first bug bounty program for iOS devices. Many researchers criticized the tech giant’s decision not to include macOS and other Apple platforms. It appears Apple has finally listened to developers and security experts who were previously pointing out macOS vulnerabilities for free. At the ongoing Black Hat 2019 conference […]

Microsoft Asks Researchers To “Do Their Worst,” Doubles Azure Bounty To $40,000

At the ongoing Black Hat USA 2019 conference, Microsoft announced the Azure Security Lab, a sandbox-like environment for security researchers to test Azure security without putting the company’s customers at risk. The new Azure Cloud host testing environment will allow security researchers to test attacks on infrastructure-as-a-service (IaaS) scenarios without affecting users. With isolated […]

Slack data breach: Company resets thousands of passwords

The Slack data breach took place in 2015, but the company became aware of the incident recently through its bug bounty program. Slack has suffered a data breach in which thousands of users have been affected. As a result, the company is resetting the passwords of thousands of impacted users. The data breach took place back in […]

Hacker gets $30,000 for reporting hack Instagram account flaw

The flaw allowed anyone with knowledge of brute-force attacks to hack Instagram accounts without raising any suspicion. How to hack an Instagram account? This is something that every Tom, Dick, and Harry wants to know since, with over a billion users, Instagram is the world’s largest photo and video-sharing social networking service. While people are […]

Burp suite’s Portswigger Launches Web Security Academy – Free Training for Finding Web Security Vulnerabilities

PortSwigger launched Web Security Academy, a free new learning resource that covers techniques and methods for exploiting bugs and how to avoid them. The training program contains learning materials and vulnerability labs that allow you to practice instantly while you are learning. “This is a brand new learning resource providing training on web security vulnerabilities, […]

Tesla autopilot feature hacked to risk oncoming traffic

Tesla’s High-End Vehicle’s Lane Recognition System not Free from Technical Glitches, Keen Labs Claims in New Research. Cybersecurity firm Keen Labs published a research paper [PDF] on Saturday in which it described the three hacks that the company detected that can be used to manipulate the Tesla Model S. The first two hacks were directed towards the […]

GitHub Expands Bug Bounty Program And Removes Max Payout Limit

On the fifth anniversary of the GitHub Security Bug Bounty Program, the code repository platform is expanding its program by increasing its scope and the rewards offered under it. GitHub has announced that the program will now apply to all first-party services hosted under the github.com domain, which includes GitHub Education, GitHub LearningLab, GitHub Desktop, and […]

Zerodium is paying $2 million for Apple iOS remote jailbreak

Zerodium, an infosec and premium zero-day acquisition platform known for selling zero-day exploits to governments, has announced that it will be paying a huge amount of money to buy iOS remote jailbreaks and exploits related to WhatsApp, iMessage, or SMS/MMS. According to a statement from the founder of Zerodium, Chaouki Bekrar, it is very important to intercept messaging […]

EU launches Bug Bounty program for 14 free open-source products

The European Union (EU) will be offering bug bounty rewards for the 14 open-source products that it uses. The EU’s Member of Parliament Julia Reda announced that the European Commission will offer bounties worth €851,000 under its Free and Open Source Software Audit (FOSSA). Bug bounty program for 14 of its open source projects […]

A critical bug in Microsoft left 400M accounts exposed

A bug bounty hunter from India, Sahad Nk, who works for SafetyDetective, a cybersecurity firm, has received a reward from Microsoft for uncovering and reporting a series of critical vulnerabilities in Microsoft accounts. These vulnerabilities were present on users’ Microsoft accounts, from MS Office files to Outlook emails. This means all kinds of accounts (over 400 […]

Bug Bounty: Earn $40,000 for hacking Facebook, Instagram or WhatsApp

Facebook has launched a new bug bounty program inviting hackers to identify and report vulnerabilities in its website and applications. The social network has increased payouts and invites researchers to look for vulnerabilities in a wide variety of products owned by Facebook, including Instagram, WhatsApp, and Oculus. The company will only consider reports that can lead […]

HP Bug Bounty Program: Hack HP Printers & Earn Up To $10,000

HP Discloses its Bug Bounty Program and Here’s What You Need To Know. Palo Alto, Calif.-based HP Inc. has disclosed what it terms the industry’s first-ever bug bounty program, which has been launched to inspect printer security related issues. The print security bug bounty program will be offering up to $10,000 as […]

Make Money as a Hacker – Highest Paying Bug Bounty Programs

Bug bounty programs are usually organized by software companies or websites, where developers get rewarded for finding bugs in the form of vulnerabilities and probable exploits. If you’re part of the ethical hacking community, bug hunting is where you could shine. Hack, report and get paid. Here are some lucrative bug bounty programs to keep […]