25 matches found
keij-stefels.nl Cross Site Scripting vulnerability OBB-4038827
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sylvain21eugenie.centerblog.net Cross Site Scripting vulnerability OBB-4034144
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fitzcarraldo.it Improper Access Control vulnerability OBB-4017640
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The Importance of Asset Context in Attack Surface Management.
This is the last of the four blogs (Help, I can’t see! A Primer for Attack Surface Management Blog Series, The Main Components of an Attack Surface Management (ASM) Strategy, and Understanding your Attack Surface: Different Approaches to Asset Discovery) covering the foundational elements of Attack...
environnement.wallonie.be Cross Site Scripting vulnerability OBB-3941277
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
saintmalodeguersac.fr Cross Site Scripting vulnerability OBB-3885051
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
talleresbram.es Improper Access Control vulnerability OBB-3825991
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
i3group.com.br Improper Access Control vulnerability OBB-3788737
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
baumaschinen-gayk.de Improper Access Control vulnerability OBB-3764875
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
toepfermarkt-fuerstenfeld.de Cross Site Scripting vulnerability OBB-3743799
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chicklit.nl Cross Site Scripting vulnerability OBB-3029195
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hotzippy.support Cross Site Scripting vulnerability OBB-2958455
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ssadayo.co.kr Cross Site Scripting vulnerability OBB-2867439
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cash App breached by a former employee could affect millions
In December last year, the customer information of Cash App users was accessed by a former employee of Block, the company behind the popular mobile payment service app. This was revealed in a very recent filing to the Securities and Exchange Commission (SEC), which shows that the former employee...
Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments
Aviary is a new dashboard that CISA and partners developed to help visualize and analyze outputs from its Sparrow detection tool released in December 2020. Sparrow helps network defenders detect possible compromised accounts and applications in Azure/Microsoft O365 environments. CISA created...
TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise
CISA has released a table of tactics, techniques, and procedures (TTPs) used by the advanced persistent threat (APT) actor involved with the recent SolarWinds and Active Directory/M365 compromise. The table uses the MITRE ATT&CK framework to identify APT TTPs and includes detection recommendations...
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities
This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update system...
FBI-CISA Joint Advisory on Compromise of Microsoft Exchange Server
CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) to address recently disclosed vulnerabilities in Microsoft Exchange Server. CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal information, encrypt...
tirauto.it Cross Site Scripting vulnerability OBB-1395437
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
quick-step.spb.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1106454 Security Researcher MrRain1996 Helped patch 959 vulnerabilities Received 4 Coordinated Disclosure badges Received 9 recommendations, a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting quick-step.spb.ru website...