Okta's Latest Security Breach Is Haunted by the Ghost of Incidents Past

A recent breach of authentication giant Okta has impacted nearly 200 of its clients. But repeated incidents and the company’s delayed disclosure have security experts calling foul...

kubikfoto.cz Cross Site Scripting vulnerability OBB-3513611

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers

Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang and that it was far more limited in scope. Stating that the "impact of the incident was significantly less than the...

Questions Mount Around Yahoo Breach

As Yahoo continues to investigate the biggest data breach in history, pressure is mounting on the company to admit when it knew about the attack, whether there was a delay in reporting it, and also about how it implements cryptography to secure data it’s responsible for. Security company Venafi...

Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation

Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation 'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation CVE-2010-4333 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in th...

CVE-2005-0417

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vend...