ConGISATA: A Framework for Continuous Gamified Information Security Awareness Training and Assessment

The incidence of cybersecurity attacks utilizing social engineering techniques has increased. Such attacks exploit the fact that in every secure system, there is at least one individual with the means to access sensitive information. Since it is easier to deceive a person than it is to bypass the...

OWASP BLT 安全漏洞

OWASP BLT is an open-source gamified crowdsourcing platform for testing and disclosing vulnerabilities. Versions of OWASP BLT prior to 2.1.1 contained security vulnerabilities. These vulnerabilities were caused by a remote code execution issue in the.github/workflows/regenerate-migrations.yml...

CTF for Education

In this paper, we take a close look at how CTF can be used in cybersecurity education. We divide the CTF competitions into four different categories, which are attack-based CTFs, defense-based CTFs, jeopardy CTFs and gamified and wargames CTFs. We start our analysis by summarizing the main...

CVE-2023-51408

CVE-2023-51408 affects the WordPress plugin WP Optin Wheel – Gamified Optin Email Marketing Tool . The vulnerability applies to versions n/a through 1.4.3 and is described as Exposure of Sensitive Information to an Unauthorized Actor . Public sources provide concrete details: the affected product...

Hoxhunt Primed to Spread Gamified Phishing Awareness in the Enterprise

By Owais Sultan Given the potent and rising threat of phishing, enterprises need an effective program that delivers real results. This is a post from HackRead.com Read the original post: Hoxhunt Primed to Spread Gamified Phishing Awareness in the Enterprise...

gamified.uk Cross Site Scripting vulnerability OBB-2375065

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Shanghai Anywhere Technology Co., Ltd Soul APP has information leakage vulnerability

Soul APP is a social platform for Generation Z based on interest mapping to build relationships and gamified gameplay for product design. Ltd. Soul APP has an information leakage vulnerability, which can be exploited by attackers to obtain sensitive information...

Shanghai Anywhere Technology Co., Ltd Soul APP has a logic flaw vulnerability

Soul App is a social platform for Generation Z based on interest mapping to build relationships and gamified gameplay for product design. Ltd. Soul APP has a logic flaw vulnerability, which can be exploited by attackers to hijack the attack...

Game-based learning platform provides full immersion into cybersecurity

Working and learning have gone remote, and we have to come to terms with this new reality. Nowadays, several organizations allow their staff to work from home permanently. Most universities consider reducing classroom time wherever possible, and now we are seeing the demand for online courses sky...

Zurmo CRM - Persistent XSS Vulnerability

Exploit for php platform in category web applications Affected software: Zurmo CRM Zurmo is an Open Source Customer Relationship Management CRM application that is mobile, social, and gamified. We use a test-driven methodology for building every part of the application. Type of vulnerability: XSS...