96 matches found
britishartstudies.ac.uk Cross Site Scripting vulnerability OBB-1250584
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
GReAT Ideas follow-up
On June 17, we hosted our first "GReAT Ideas. Powered by SAS" session, in which several experts from our Global Research and Analysis Team shared insights into APTs and threat actors, attribution, and hunting IoT threats. Here is a brief summary of the agenda from that webinar: Linking attacks to...
Introducing Imperva Cloud Data Security
We are excited to announce that our latest data security innovation is now available worldwide! Made for the cloud, Imperva Cloud Data Security CDS builds on our industry-leading application and data security solutions, providing an industry-first, complete cloud data SaaS security solution that...
M-Trends 2020: Insights From the Front Lines
Today we release M-Trends 2020, the 11th edition of our popular annual FireEye Mandiant report. This latest M-Trends contains all of the statistics, trends, case studies and hardening recommendations that readers have come to expect through the years—and more. One of the most exciting takeaways...
U.S. FDA: No link between smartphone radiation & cancer
By Waqas FDA has also rubbished previous studies linking smartphone radiation and causing cancer. This is a post from HackRead.com Read the original post: U.S. FDA: No link between smartphone radiation & cancer...
Superhero Movies and Security Lessons
A paper I co-wrote was just published in Security Journal: "Superheroes on screen: real life lessons for security debates": Abstract: Superhero films and episodic shows have existed since the early days of those media, but since 9/11, they have become one of the most popular and most lucrative...
Call For Customer Presentations at Black Hat USA 2019!
Tell your security story to your peers at Black Hat USA 2019! Qualys is looking for customers excited to share your security story, for example: How you integrate security into DevOps Best practices for building security into modern enterprises Case studies leveraging the use of the Qualys Cloud...
employment-studies.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-636431 Description| Value ---|--- Affected Website:| employment-studies.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
The Habituation of Security Warnings
We all know that it happens: when we see a security warning too often -- and without effect -- we start tuning it out. A new paper uses fMRI, eye tracking, and field studies to prove it. EDITED TO ADD 6/6: This blog post summarizes the findings...
Call For Customer Presentations at Black Hat USA 2018!
Tell your security story to your peers at Black Hat USA 2018! Qualys is looking for customers excited to share their security and DevSecOps successes, best practices for building security into modern enterprises and case studies leveraging the use of the Qualys Cloud Platform. Take the stage in t...
studies-ireland.com XSS vulnerability
Open Bug Bounty ID: OBB-586731 Description| Value ---|--- Affected Website:| studies-ireland.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
agingstudies.eu XSS vulnerability
Open Bug Bounty ID: OBB-466648 Description| Value ---|--- Affected Website:| agingstudies.eu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
jewish-studies.com XSS vulnerability
Open Bug Bounty ID: OBB-453612 Description| Value ---|--- Affected Website:| jewish-studies.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
Web Privacy Measurement Framework: OpenWPM
Web Privacy Measurement is the observation of websites and serves to detect, characterize and quantify privacy-impacting behaviors. Applications of Web Privacy Measurement include the detection of price discrimination, targeted news articles and new forms of browser fingerprinting. Although...
QSC17 Focuses on Digital Transformation’s Challenges and Opportunities
Qualys Security Conference 2017 finds Qualys rapidly advancing in its ongoing quest to seamlessly and transparently thread security into the fabric of IT environments, and to make it essential for digital transformation. At QSC17, happening this week in Las Vegas, Qualys executives will share how...
Abusing Token Privileges For LPE
Abusing Token Privileges For LPE. Papers exploit for Windows platform |=-----------------------------------------------------------------------=| |=----------------= Abusing Token Privileges For LPE=------------------=| |=-----------------------------------------------------------------------=|...
Call for Papers: Qualys Security Conference 2017
Our annual user conference, QSC17, is quickly approaching and we are looking for customer presentations that showcase hot topics related to security and best practices via case studies leveraging the use of Qualys technologies. If you would like to be considered as a presenter, please send a...
Project Sonar - Mo' Data, Mo' Research
Since its inception, Rapid7's Project Sonar has aimed to share the data and knowledge we've gained from our Internet scanning and collection activities with the larger information security community. Over the years this has resulted in vulnerability disclosures, research papers, conference...
transnationalstudies.eu XSS vulnerability
Vulnerable URL: http://www.transnationalstudies.eu/search.php?searchstr=...
Red Team Tool Roundup
In many cases Red Team tools are not written because someone feels like writing a tool, or wakes up one morning thinking, “I want to write a tool today”. Red Teamers generally identify tedious tasks in their methodology and then create tools that automate these tasks for current and future...