11 matches found
HackerOne: How the Arch Angel stole Live Events
A vulnerability in a live hacking event's infrastructure allowed an attacker to impersonate an administrator, close valid bug reports, and disrupt the event. The attacker was able to log in as an administrator and invalidate bug reports, but the event proceeded successfully regardless...
Vulnerability Researchers: Check out The Critical Thinking Podcast
Today, The Wordfence Bug Bounty Program was featured on an episode of the Critical Thinking Podcast, a top resource and community for bug bounty researchers. Critical Thinking is a podcast focused on ethical hacking and security analysis and is described as a “by Hackers for Hackers podcast focus...
h1-5411-CTF: Solution for h15411's CTF challenge
Baby steps: Earlier today a friend tipped me off about an ongoing CTF challenge that was being run by HackerOne and would get the first ten winners a ticket to participate in h15411, which will be a live-hacking event happening in Buenos Aires. This immediately caught my attention and I decided to...
Exhibition: it-sa Nuremberg
Scroll down for the German version of this post. Since 2009, security professionals, developers, and product providers have shared their ideas and platforms at it-sa, a security exhibition in the Exhibition Centre in Nuremberg, Germany. This year, it-sa featured 629 exhibitors including...
Over 85% Of Smart TVs Can Be Hacked Remotely Using Broadcasting Signals
Internet-connected devices are growing at an exponential rate, and so are the threats to them. Due to insecure implementation, a majority of Internet-connected embedded devices, including Smart TVs, refrigerators, microwaves, security cameras, and printers, are routinely being hacked and used...
RSA Conference Chris Hoff Reuben Paul Keynote
SAN FRANCISCO – When it comes to the future development of secure software, there’s really only one “next generation” that matters. That’s why today when the covers were pulled back on a seven-foot-tall server rack wheeled out on stage during Chris Hoff’s RSA Conference keynote, those in the...
PayPal MOShipping API - Bypass & Multiple Vulnerabilities
Document Title: =============== PayPal MOShipping API - Bypass & Multiple Vulnerabilities References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1273 Video: https://www.youtube.com/watch?v=GRvUsKWkIs Advisory 1: http://www.vulnerability-lab.com/getcontent.php?id=1049 Advisory ...
PayPal MOShipping API - Bypass & Multiple Vulnerabilities
Document Title: =============== PayPal MOShipping API - Bypass & Multiple Vulnerabilities References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1273 Video: https://www.youtube.com/watch?v=GRvUsKWkIs Advisory 1: http://www.vulnerability-lab.com/getcontent.php?id=1049 Advisory ...
ICQ 7.5 Software - Remote Denial of Service Vulnerability
Document Title: =============== ICQ 7.5 Software - Remote Denial of Service Vulnerability References: =========== Article: http://www.vulnerability-lab.com/getcontent.php?id=236 Download: http://www.vulnerability-lab.com/resources/videos/235.wmv View: http://www.youtube.com/watch?v=7I1JNUWLeec...
ICQ 7.5 Software - Remote Denial of Service Vulnerability
Document Title: =============== ICQ 7.5 Software - Remote Denial of Service Vulnerability References: =========== Article: http://www.vulnerability-lab.com/getcontent.php?id=236 Download: http://www.vulnerability-lab.com/resources/videos/235.wmv View: http://www.youtube.com/watch?v=7I1JNUWLeec...
Phone Applications - Remote SQL Injection Vulnerabilities
Document Title: =============== Phone Applications - Remote SQL Injection Vulnerabilities References: =========== Download: http://www.vulnerability-lab.com/upub/resources/videos/25.wmv View: http://www.youtube.com/watch?v=2uCHYjOmdk Release Date: ============= 2011-06-20 Vulnerability Laboratory...