Thursday, May 26, 2016
Posted by Editorial_Staff_Team
Hacking the Bugcrowd - Evading the Filter Validation of Bugcrowd
Today we would like to talk about a vulnerability that was located in the main Bugcrowd web-application. Normally we hack in regular and public bug bounty programs, but in the case of this issue we exploited the manufacturers...
Monday, April 25, 2016
Posted by Editorial_Staff_Team
MIT Security - Alpha Phase of Bug Bounty Program in April 2016
In April 2016 the well-known MIT EDU started a new official bug bounty program. The MIT Bug Bounty program is an experimental program aiming to improve MIT's online security and foster a community for students to research and...
Wednesday, April 20, 2016
Posted by Editorial_Staff_Team
Announcement of the Bug Bounty Program Award Winners 2015 - Exclusive Interviews with United Airlines & Facebook
We worked hard to present the winners of 2015 after the nicely solved first award ceremony in 2014. This year we exclusively release the winners of the international "Bug...
Monday, April 18, 2016
Posted by Editorial_Staff_Team
Cyberoam Central Console v02.03.1 - Persistent Web Vulnerabilities
Today we disclosed a new issue in the Cyberoam Central Console appliance web-application. This issue is application-side and was disclosed to the Cyberoam developer team about 2 months ago. The issue was reported by "...
Tuesday, April 5, 2016
Posted by Editorial_Staff_Team
iPhone 6S & Plus with 3D Touch (iOS 9.3.1) vulnerable to new Passcode Bypass Vulnerability
Last night around 23:00 a new zero-day vulnerability in the new Apple iOS v9.3.1 with iPhone 6S or Plus models was disclosed to the public. On 2016-03-18 the vulnerability lab team notified...

0DAY SECURITY VIDEOS

Tuesday, 25/08/15
PayPal Inc patched medium severity Cross Site Request Forgery Issue
The independent and individual vulnerability laboratory researcher Paresh Parmar discovered during the participation in the...

IT-SECURITY EVENTS

Sunday, 31/05/15
Hack in the Box | Amsterdam 2015 | HITB HITB HAXPO | Date: 26th - 29th May 2015
On May 27 we arrived in Amsterdam and entered the hackBoat in an Amsterdam suburb, where we'd work and live...
Thu 26 May

Hacking the Bugcrowd - Core Researcher scores in Main Program Site

Hacking the Bugcrowd - Evading the Filter Validation of Bugcrowd

Today we would like to talk about a vulnerability that was located in the main Bugcrowd web-application. Normally we hack in regular and public bug bounty programs, but in the case of this issue we exploited the manufacturer's official program site web-application to score.

Mon 25 Apr

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

In April 2016 the well-known MIT EDU started a new official bug bounty program. The MIT Bug Bounty program is an experimental program aiming to improve MIT's online security and foster a community for students to research and test the limits of cyber security in a responsible fashion.

In-Scope Domains

In-Scope Vulnerabilities

Wed 20 Apr

Bug Bounty Program Award Winners 2015 - Exclusive Interview by United Airlines & Facebook

Announcement of the Bug Bounty Program Award Winners 2015 - Exclusive Interviews with United Airlines & Facebook

We worked hard to present the winners of 2015 after the nicely solved first award ceremony in 2014. This year we exclusively release the winners of the international "Bug Bounty Awards". The award is nominated twice for the "Best Upcoming Bug Bounty Program" and the "Best Bug Bounty Program" of the year.

The winners of the award are nominated via email vote by 100 vulnerability laboratory researchers and 101 independent or individual security researchers. The voting results will be multiplied to finally discover the winners. You are welcome to visit the new awards module, with archive, in the vulnerability laboratory infrastructure.

Mon 18 Apr

Cyberoam Central Console v02.03.1 - Persistent Web Vulnerabilities

Today we disclosed a new issue in the Cyberoam Central Console appliance web-application. This issue is application-side and was disclosed to the Cyberoam developer team about 2 months ago. The issue was reported by "Lawrence Amer", a core team researcher of the vulnerability laboratory.

Tue 05 Apr

iPhone 6S & Plus with 3D Touch vulnerable to new Passcode Bypass Vulnerability

iPhone 6S & Plus with 3D Touch (iOS 9.3.1) vulnerable to new Passcode Bypass Vulnerability

Last night around 23:00 a new zero-day vulnerability in the new Apple iOS v9.3.1 with iPhone 6S or Plus models was disclosed to the public. On 2016-03-18 the vulnerability lab team notified Apple by mail that we had already detected a new method that evades the controls of the passcode protection mechanism.

Fri 01 Apr

Hack the Pentagon Bug Bounty Program - Registration Activated 18th April since 16th May

DoD Bug Bounty - Registration Activated 18th April - 16th May 2016

Tonight the new bug bounty page of the Department of Defense went online. Some weeks ago the Department of Defense announced that it would start up a bug bounty program for individuals and US citizens in April 2016. In the new information letter the DoD announced how to participate in the official bug bounty program.

Wed 30 Mar

PayPal Inc Bug Bounty Program 2016 - New Vulnerability Uncovered by German Researcher

Researcher exploits Profile Service Mails via Filter Bypass Issue

The leading core research team of the vulnerability laboratory discovered this morning a new vulnerability in the PayPal Inc online service core web-application and API. The issue was uncovered by Benjamin Kunz Mejri during his participation in the official bug bounty program of PayPal. After the PayPal Inc security department received the first analysis report of the issue, a fix was prepared immediately to protect the infrastructure and customers against active exploitation.

Technical Details

Tue 22 Mar

Mobidea starts new & official Bug Bounty Program in 2016

Mobidea - Bug Bounty Program Startup in 2016

Yesterday morning we received an email from the administration of the Mobidea company regarding the new bug bounty program startup. With this news article we would like to announce the new independent bug bounty program of "Mobidea".

All vulnerabilities and bugs can be reported via an online form that is available at the official bug bounty page of the Mobidea company. The new program looks clean and has a trusted background for independent vulnerability researchers or security hackers who participate.

The new and official bug bounty program focuses on the following types of vulnerabilities and bugs ...

Mon 07 Mar

Apple iOS v9.2.1, v9.1 & v9.0 - Researcher disclosed multiple PassCode Protection Bypass Vulnerabilities

Apple iOS v9.2.1 (iPhone & iPad) - Researcher disclosed multiple PassCode Bypass Vulnerabilities

Early this morning the vulnerability researcher and CEO of the vulnerability laboratory disclosed several new issues in the newest Apple iOS version (9.2.1). The vulnerabilities allow local attackers with physical device access to bypass the passcode protection of the iPhone (5|5s|6|6s) and iPad (Mini|1|2). Benjamin has already successfully discovered around 10 vulnerabilities in the passcode module and the regular iOS device protection mechanisms over the last years. The new bugs shed new light on the situation of Apple against the FBI, because the device protection mechanism can be bypassed easily. In today's newest report, Benjamin released about 4 new hacks on how to bypass the security protection mechanism of the Apple iOS passcode module.

Technical details of the local vulnerabilities ...

Wed 02 Mar

Hack the Pentagon - Cybersecurity Initiative of the Pentagon & Homeland Security

"Hack the Pentagon" - Cybersecurity Initiative of the Pentagon & Homeland Security
