46 matches found
Facebook bug could have allowed attacker to take over accounts
A vulnerability in Facebook could have allowed an attacker to take over a Facebook account without the victim needing to click on anything at all. The bug was found by a bounty hunter from Nepal called Samip Aryal and has now been fixed by Facebook. In his search for an account takeover...
Whitehat hacker shows how to detect hidden cameras in Airbnb, hotels
By Waqas. A whitehat hacker has shared simple yet useful tips on his TikTok detailing how you can detect hidden cameras in an Airbnb or a hotel room. This is a post from HackRead.com.
Whitehat hackers accessed primary keys of Azure’s Cosmos DB customers
By Saad Rajpoot. The vulnerability existed in Microsoft Azure’s flagship database service Cosmos DB for approximately two years. This is a post from HackRead.com.
Defi protocol THORChain loses $8 million in “seemingly whitehat” attack
By Deeba Ahmed. THORChain said that "the hacker deliberately limited their impact, seemingly a whitehat." This is a post from HackRead.com.
Whitehat hacker bypasses SQL injection filter for Cloudflare
By Sudais Asif. This was then subsequently reported to Cloudflare who fixed it in a few days. This is a post from HackRead.com.
Iomega and LenovoEMC NAS Vulnerability - US
Lenovo Security Advisory: LEN-25557 Potential Impact: Information disclosure Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6160, CVE-2019-6178 Summary Description: Update 2019-08-15: CVE-2019-6178: An information leakage vulnerability in Iomega and LenovoEMC NAS product...
Iomega and LenovoEMC NAS Vulnerability - Lenovo Support US
No description provided...
New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. Since almost all Facebook-owned apps by default use security mechanisms such as Certificate...
A few words about Gartner’s “Magic Quadrant for Application Security Testing” 2018
February and March are the hot months for marketing reports. I already wrote about IDC and Forrester reports about Vulnerability Management-related markets. And this Monday, March 19, Gartner released new "Magic Quadrant for Application Security Testing". You can buy it on the official website fo...
JavaScript-Based DDoS Peaks at 275,000 Requests Per Second
Two years ago at the Black Hat conference, WhiteHat Security researchers Jeremiah Grossman and Matt Johansen explained how hackers could in theory leverage an online ad network to distribute malicious JavaScript efficiently and quickly. Depending on how much money the attacker wanted to spend, th...
Whitehat Aviator Detection
Binary data 8841.prm...
Google Engineers Critical Aviator Browser Privacy, Security
Within hours on Thursday of WhiteHat Security releasing its Aviator browser to open source, a remote code execution vulnerability was disclosed, along with a handful of other coding issues that Google security engineers said jeopardized the security and privacy of Aviator’s users. Google’s public...
Facebook Releases osquery to Open Source
Facebook is in a giving mood today. The social networking giant announced today that it will release to open source a framework that detects and logs state changes in an operating system likely caused by an attack or performance meltdown. It also announced that it will hand out up to $300,000 nex...
Robert Hansen on Aviator and the $250,000 Security Guarantee
Dennis Fisher talks with Robert Hansen of WhiteHat Security about the company’s decision to change default search providers in their Aviator browser to Disconnect and the $250,000 guarantee for users of the Sentinel Elite product.
New Facebook Internet Defense Prize Pays Out $50,000 Award
Large technology companies may already have bug bounty programs in place that reward researchers who attack and find holes in software or web platforms. Slowly, some are also starting to institute programs that pay for defensive measures. Facebook is the latest to do so with the implementation of...
CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Hotel Software and Booking system 1.8 - SQL Injection / Cross Site Scripting Date: 21 August 2013 Exploit Author: Dylan Irzi Credit goes for: websecuritydev.com Vendor Homepage: http://www.cbhotel.eu/ Tested on: Win8 & Linux Mint Affected...
WhiteHat Releases Aviator Browser for Windows
The privacy and anonymity of users’ online communications has been at the forefront of many discussions in the tech community and the general public in the last year as more and more information has leaked out about the NSA’s methods and how the agency collects vast amounts of user data. Keeping...
Whitehat Aviator Version Detection
Binary data 8168.prm...
Jeremiah Grossman on His New Role as CEO of WhiteHat Security
Dennis Fisher talks with Jeremiah Grossman, the new interim CEO of WhiteHat Security, about taking on the new role, how things have changed since he was CEO 10 years ago and what the biggest challenges will be.