46 matches found
Zerocopter Debuts First Hacker-Led Cybersecurity Marketplace
By Deeba Ahmed Cybersecurity firm Zerocopter has launched the first-ever Cybersecurity Marketplace led by white-hat hackers. With cybercrime projected to cost… This is a post from HackRead.com Read the original post: Zerocopter Debuts First Hacker-Led Cybersecurity Marketplace...
How to Buy Precious Patching Time as Log4j Exploits Fly
Sure, Apache got a patch out fast when the Log4j logging library vulnerability – aka Javageddon or “up there with Shellshock” – exploded last week. But emergency patches take days best-case scenario or weeks to install: plenty of time for attackers to do their worst. Which they lickety-split did,...
Zoom zero-day discovery makes calls safer, hackers $200,000 richer
Two Dutch white-hat security specialists entered the annual computer hacking contest Pwn2Own, managed to find a Remote Code Execution RCE flaw in Zoom and are $200,000 USD better off than they were before. Pwn2Own Pwn2Own is a high profile event organized by the Zero Day Initiative that challenge...
Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition
Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have bee...
Researchers Found 55 Flaws in Apple's Corporate Network
The company has patched the vulnerabilities and paid the team of white-hat hackers $288,000...
What Programming Languages Do Ethical Hackers Use?
By Owais Sultan Ethical hacking is when hacking is done for good reasons - The people behind ethical hacking are ethical hackers or white hat hackers. This is a post from HackRead.com Read the original post: What Programming Languages Do Ethical Hackers Use?...
Critical GitLab Flaw Earns Bounty Hunter $20K
A critical GitLab vulnerability, which could be leveraged by a remote attacker to execute code, recently netted a researcher a $20,000 bug-bounty award. The flaw was reported to GitLab by software developer William Bowling via the HackerOne bug bounty platform on March 23. It was then disclosed...
GitLab Doles Out Half a Million Bucks to White Hats
GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...
HackerOne Breach Leads to $20,000 Bounty Reward
HackerOne has paid out $20,000 after a high-severity vulnerability was discovered in the bug-bounty platform. The flaw allowed an outside bounty hunter to access customers’ reports and other sensitive information. Disclosed this week in a HackerOne report, the security incident stemmed from a...
CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies
The U.S. government’s cybersecurity agency has issued a draft directive mandating all agencies to develop vulnerability disclosure policies, which would give ethical hackers clear guidelines for submitting bugs found in government systems. Security experts hope that the directive will light a fir...
Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked
Hackers over the weekend successfully compromised widely used software and hardware–including browsers Safari and Chrome, D-Link routers and the Office 365 suite–using zero-day vulnerabilities at the annual Tianfu Cup gathering. The hacking competition, held in Chengdu, China, is very similar to...
Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps
Following a series of security mishaps and data abuse through its social media platform, Facebook today expanding its bug bounty program in a very unique way to beef up the security of third-party apps and websites that integrate with its platform. Last year, Facebook launched "Data Abuse Bounty"...
Become a Certified Hacker With This Hands-On Training Course
It seems as though not a day goes by without news spreading over another major cyber attack. Hackers are becoming increasingly efficient at targeting everything from small startups to Fortune 500 companies and even entire government agencies, and as the world moves further away from traditional...
Someone Hacked 50,000 Printers to Promote PewDiePie YouTube Channel
This may sound crazy, but it's true! The war for "most-subscribed Youtube channel" crown between T-Series and PewDiePie just took an interesting turn after a hacker yesterday hijacked more than 50,000 internet-connected printers worldwide to print out flyers asking everyone to subscribe to...
Netflix Opens Public Bug Bounty Program with $15K Payout Cap
Netflix expanded its bug bounty program on Wednesday opening it up to any white hat hacker and at the same time increased the top reward to $15,000. The bug bounty program, managed by Bugcrowd, now allows any registered hackers to scour Netflix vast mobile, cloud and software platform for minor a...
Mystery Company Offers $250,000 Bounty for VM Escape Vulnerabilities
An unnamed company will start an eight-week, invite-only bug bounty program in September that offers a $250,000 payout for virtual-machine escape vulnerabilities tied to an unreleased product. Bugcrowd announced the program today, and said the high-priced bounty is the largest advertised bounty o...
Hackers Stole $32 Million in Ethereum; 3rd Heist in 20 Days
An unknown hacker has just stolen nearly $32 million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – from Ethereum wallet accounts linked to at least three companies that seem to have been hacked. This is the third Ethereum cryptocurrency heist that came o...
Joomla Payage 2.05 Component - aid Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla Payage 2.05 - SQL Injection Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Mojtaba Kazemi Vendor Home : https://extensions.joomla.org/extensions/extension/e-commerce/payment-systems/payage/ My Home :...
Alex Guestbook 5.0.4 Cross Site Scripting
Exploit Title: Alex Guestbook Version 5.0.4 - Cross Site Scripting Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Mojtaba Kazemi Vendor Home : http://www.alexguestbook.net/ Home : http://persian-team.ir/ Google Dork : inurl:alexguestbook3 Telegram Channel: @PersianHackTeam Teste...
Joomla VideoFlow 1.2.0 SQL Injection
Exploit Title: Joomla VideoFlow 1.2.0 - SQL Injection Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Mojtaba Kazemi Vendor Home : https://extensions.joomla.org/extensions/extension/multimedia/multimedia-players/videoflow/ My Home : http://persian-team.ir/ Google Dork :...