48 matches found
QIWI: [QIWI Wallet] Access to protected app components
Здравствуйте, я хочу сообщить об обнаруженной уязвимости в классе ru.mw.main.Main Информация о приложении Приложение: QIWI Кошелек Имя пакета: ru.mw Номер версии: 3.25.0 Код версии: 21346 Актуальность версии: Последняя Уязвимый класс: ru.mw.main.Main Уязвимость Поскольку активность ru.mw.Main...
Microsoft Launches Azure DevOps Bug Bounty Program
Microsoft lifted the curtain on a new Azure DevOps bug bounty program, designed to sniff out flaws in its Azure DevOps online services and servers. Azure DevOps is a cloud service launched in 2018 that enables collaboration on code development across the breadth of a development lifecycle...
Google Expands Bug-Bounty Program to Battle Abuse Methods
Google is now offering rewards for newly-discovered techniques that bad actors could use to bypass its systems protecting against abuse, fraud and spam. The company has expanded its bug bounty program scope beyond security vulnerabilities to also focus on mitigations around potential abuse method...
Google Expands Play Marketplace Bug Bounty Program
UPDATE Google is expanding the number of bounties available in its Google Play Security Reward Program, a step that comes amid a flurry of mitigation activities against malicious apps found in its official marketplace. The company introduced the program in October, in a long-awaited move...
The U.S. Department of Justice is how to build a vulnerability disclosure plan framework-vulnerability warning-the black bar safety net
The U.S. Department of Justice(DOJ criminal sector of the network security division recently created the“online system vulnerability disclosure framework”, designed to help organizations develop a formal vulnerability disclosure program. ! In fact, now more and more business organizations have...
New Google Tools Help Devs Improve Content Security Policy Protection
Cross-site scripting is the cockroach of web application security vulnerabilities, enjoying continued longevity despite the abundant availability of scanning tools and programming advice designed to squash it. Google yesterday took another shot at eradicating XSS attacks with the release of two...
Google Fixes Four Critical Vulnerabilities in Latest Chrome Build
Google pushed out the latest version of Chrome Thursday afternoon, fixing five issues, four of them critical. The update remedies an out-of-bounds read in Chrome’s open source JavaScript engine V8, two use-after-free vulnerabilities – one in Navigation and one in Extensions – and a buffer overflo...
MainWP <= 2.0.22 - Unspecified
Email sent from vendor to users: "Today we released updates to both the MainWP Dashboard 2.0.23 and MainWP Child 2.0.23 that contain additional security hardening for a possible issue found by Francois Harvey and reported through out White Hat Reward Program. We encourage everyone to update both...
Dropbox Launches Bounty Program on HackerOne
Dropbox has become the latest high-profile Internet firm to start a bug bounty program, hooking up with HackerOne to provide rewards to security researchers who report vulnerabilities through the program. The new reward system from Dropbox covers a variety of the company’s offerings, including th...
Twitter's latest exploit: a hacker can traverse account delete credit card-vulnerability warning-the black bar safety net
Just this month beginning of the month, with other social networks, twitter also started a new vulnerability reward program, bonus reached$1 4 0+/vulnerabilities, you can say the reward is still very lucrative. Compared to our domestic manufacturers to say, I personally think that this is a netwo...
Twitter Launches Bug Bounty Program
Twitter is the latest major Internet company to establish a bug bounty program, and has put no upper limit on the bounty that a researcher can earn for reporting a vulnerability. The company announced on Wednesday that it will operate its bounty program through the HackerOne platform, a bug bount...
Pinterest Launches Bug Bounty Program
Pinterest has become the latest major Web property to start a bug bounty program, joining the Bugcrowd platform and offering researchers rewards of up to…a shirt. The site, which enables users to post photos, recipes and other information, announced the new reward program Tuesday. Company officia...
Google adds its Chrome apps and extensions to Bug Bounty Program
Google's Vulnerability Reward Program which started in November 2010, offers a hefty reward to the one who find a good vulnerability in its products. Now Google is getting a little more serious about the security of its Chrome Browser and has expanded its Bug Bounty Program to include all Chrome...
Researchers Nab $28k in Microsoft Bug Bounty Program
As part of its first-ever bounty program, Microsoft has paid out $28,000 to a small group of researchers who identified and reported vulnerabilities in Internet Explorer 11. The IE 11 bounty program only ran for one month during the summer, but it attracted a number of submissions from well-known...
Yahoo is now offering up to $15,000 in bug bounty after policy review
Offering cash rewards for vulnerability reports has become something of a norm when it comes to big tech companies these days. Yahoo has changed its bug bounty policies following a deluge of negative feedback in the wake of the news that ethical hackers were rewarded with $12.50 in gift vouchers...
Microsoft to Pay First Bug Bounty for IE 11
Just a few weeks after announcing its first bug bounty programs, Microsoft is already set to pay out a reward to a researcher from Google who discovered a vulnerability in Internet Explorer 11. Microsoft officials say that they have several other qualifying entries for the IE 11 reward program...
Hack Windows 8.1 to earn $100,000 bounty from Microsoft
If you don't know yet, Microsoft is offerings up to $100,000 in exchange for finding vulnerabilities and exploits in the upcoming Windows 8.1 Preview which is expected to launch on June 26, the same time as the Microsoft Build Developer Conference. Qualifying submissions with accompanying defensi...
Ryan Naraine on Microsoft's New Bug Bounty Program
Dennis Fisher talks with Ryan Naraine about the new Microsoft bug bounty program, how it may affect prices for vulnerabilities on the private market and why it took the company so long to start the reward program. Download: digitalunderground116...
Google Fixes More Than a Dozen Flaws in Chrome 27
Google has released Chrome 27, a new version of its browser that includes a long list of security fixes, many of which are for high-risk vulnerabilities. The company handed out more than $14,000 in rewards to researchers who reported bugs fixed in the latest iteration of Chrome. Google’s security...
Google pays $31,336 bounty to hacker for reporting critical vulnerabilities in Chrome
Google has fixed a series of serious vulnerabilities in its Chrome OS, including three high-risk bugs that could be used for code execution on vulnerable machines. Bug bounties is the cash prizes offered by open source communities to anyone who finds key software bugs have been steadily on the ri...