How to Avoid Confidentiality Gaps in Early-Stage Startups

Startups often expose sensitive data during pitches and hiring. Learn when to use NDAs and simple workflows to close confidentiality gaps...

EUVD-2023-42526

Malicious code in bioql PyPI...

EUVD-2023-42527

Malicious code in bioql PyPI...

10 Non-tech things you wish you had done after being breached

TL;DR Non-tech aspects to breach follow-up are often overlooked but essential NDAs, supply chain, and third party contracts and obligations should be reviewed Reviewing communication protocols and employee training increases resilience Looking after, and retaining your people improves recovery fo...

Pallet liquidation scams and how to recognize them

Pallet liquidation scams target people looking to purchase pallets of supposedly discounted merchandise, often from major retailers like Amazon. Groups that engage in pallet liquidation sales are rampant on social media and it’s hard to discern the scammers from the legitimate ones to be honest,...

CGA-45PC-XPQW-3MH7

Bulletin has no description...

shop.oji-salmon.co.jp Cross Site Scripting vulnerability OBB-3952822

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

storagecentre.com.sg Cross Site Scripting vulnerability OBB-3933471

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

amver.lt Cross Site Scripting vulnerability OBB-3906457

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

fastrt.nilu.no Cross Site Scripting vulnerability OBB-3813523

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

tv-facts.net Cross Site Scripting vulnerability OBB-3803471

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-38752

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings...

Authorization

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings...

CVE-2023-38752

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings...

CVE-2023-38752

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings...

CVE-2023-38751

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the organization information of the information receiver that is set as "non-disclosure" in the information provision operation...

PT-2023-26583 · Unknown · Special Interest Group Network For Analysis/Liaison

Name of the Vulnerable Software and Affected Versions: Special Interest Group Network for Analysis and Liaison versions 4.4.0 through 4.7.7 Description: The issue allows authorized API users to view the organization information of the information receiver that is set as "non-disclosure" in the...

hkdse.work Cross Site Scripting vulnerability OBB-3101342

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

gulfcoastinternists.com Cross Site Scripting vulnerability OBB-3002745

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Who is behind the Cisco attack?

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Cisco has revealed that they have faced a breach carried out by threat actors, the UNC2447, the Lapsus$, and the Yanluowang ransomware gang. They stole around 2.8 GB of data, which included non-disclosure...