Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research | Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Monday, July 3, 2023

Posted by Editorial_Staff_Team

Published Vulnerabilities

2 comment(s)

Reader's rate:

Citrix Gateway... + continue reading

Rhein Ruhr Express (RRX) - DNS Cache Snooping Vulnerability on Wifi Hotspot

Tuesday, October 11, 2022

Posted by Editorial_Staff_Team

Bundeswehr Generalmajor officially acknowledges Whitehat for Responsible Disclosure Activities

Monday, October 25, 2021

Posted by Editorial_Staff_Team

BMW Mail - Persistent Validation Vulnerability

Tuesday, October 19, 2021

Posted by Editorial_Staff_Team

Published Vulnerabilities

1 comment(s)

Reader's rate:

A vulnerability researcher of the vulnerability lab team disclosed a simple but effective technique that was used against microsoft and adobe some years ago. A persistent input validation web vulnerability has been discovered in the official BMW online service portal web-application. The... + continue reading

Google Upgrades VRP Bug Bounty Platform

Wednesday, July 28, 2021

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

10th Anniversary - VRP Upgrade Google announced this week on its official security blog that the current bug bounty program will be rebranded for its anniversary. As with other vulnerability disclosure platforms, a gamification model will be used to further motivate the research community.... + continue reading

MSRC extends Bug Bounty Program for Microsoft Teams

Tuesday, April 6, 2021

Posted by Editorial_Staff_Team

Bug Bounty

1 comment(s)

Reader's rate:

New Teams Desktop Client Bug Bounty Program Microsoft Teams is a platform developed by Microsoft that combines chat, meetings, notes and attachments. The service is integrated into the Microsoft 365 suite with Microsoft Office and Skype/Skype for Business. In recent weeks, microsoft's msrc... + continue reading

Ebay Inc Identity Security Check Default PIN in 2021

Friday, January 15, 2021

Posted by Editorial_Staff_Team

Published Vulnerabilities

3 comment(s)

Reader's rate:

New Ebay Inc Identity Security Check Default PIN in 2021 In the last weeks we have reviewed several identity security check mechanisms of large coporates. Due to that we figured out a funny case with ebay inc. Ebay inc owns a new security identity check function that uses a algorithm to... + continue reading

German Bundeswehr starts own Responsible Disclosure Program (VDPBw)

Thursday, October 22, 2020

Posted by Editorial_Staff_Team

Sparkasse Safe - Two Functions One Token to Go

Wednesday, September 16, 2020

Posted by Editorial_Staff_Team

Published Vulnerabilities

0 comment(s)

Reader's rate:

Bypassing using Exchange of Session Credentials In recent weeks, a new application has been released at the sparkasse in germany. This is the "secure safe" for documents... + continue reading

Featured Cooperative Security Articles

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Monday, 03/07/23 - 2 comment(s)

Citrix Gateway... + continue reading

Rhein Ruhr Express (RRX) - DNS Cache Snooping Vulnerability on Wifi Hotspot

Tuesday, 11/10/22 - 0 comment(s)

BUG BOUNTY ISSUES

Google Upgrades VRP Bug Bounty Platform

Wednesday, 28/07/21 - 0 comment(s)

MSRC extends Bug Bounty Program for Microsoft Teams

06/04/21 - 1 comment(s)

Microsoft starts Xbox & Xbox Live Bug Bounty Program

11/02/20 - 3 comment(s)

Apple launches public Bug Bounty Program and delights Security Community

20/12/19 - 3 comment(s)

VULNERABILITIES & BUGS

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Monday, 03/07/23 - 2 comment(s)

Citrix Gateway... + continue reading

BMW Mail - Persistent Validation Vulnerability

19/10/21 - 1 comment(s)

Ebay Inc Identity Security Check Default PIN in 2021

15/01/21 - 3 comment(s)

Sparkasse Safe - Two Functions One Token to Go

16/09/20 - 0 comment(s)

BEST SECURITY VIDEOS

Telekom Magenta Musik 360 - Multiple Cross Site Scripting Vulnerabilities

Thursday, 07/03/19 - 2 comment(s)

Telekom Magenta Musik 360 - CERT Coordinates The videos shows the reproduce for the german telekom in a new service they did publish in 2019 Q1. The vulnerabilities are persistent and non-... + continue reading

PayPal Inc patched medium severity Cross Site Request Forgery Issue

25/08/15 - 0 comment(s)

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

13/08/15 - 8 comment(s)

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

11/08/15 - 0 comment(s)

IT-SECURITY EVENTS

Edward Snowden free speech at JBFone - Data Security & Privacy

Thursday, 23/11/17 - 2 comment(s)

Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading

Internet Security Conference 2017 by Qihoo 360

22/09/17 - 0 comment(s)

Manchester City - Football Club hosts first Hackathon in July 2016

05/07/16 - 0 comment(s)

Hack in the Box | Amsterdam 2015 | HITB

30/05/15 - 3 comment(s)

ARTICLES - IMAGES GALLERY PREVIEW

Citrix Gateway & Cloud MFA - Insufficient Session...

Rhein Ruhr Express (RRX) - DNS Cache Snooping Vulnerability...

Bundeswehr Generalmajor officially acknowledges Whitehat...

BMW Mail - Persistent Validation Vulnerability

Google Upgrades VRP Bug Bounty Platform

MSRC extends Bug Bounty Program for Microsoft Teams

Ebay Inc Identity Security Check Default PIN in 2021

German Bundeswehr starts own Responsible Disclosure Program...

Sparkasse Safe - Two Functions One Token to Go

Vulnerability in LANCOM Systems Wireless Controller Series...

Advanced Persistent Threat Golden_hands - Digital Bank...

Microsoft Windows 2012 R2 (x64) - (MMC) Local DoS...

Bundeswehr Career Page - Weak spot permanently closed

Microsoft starts Xbox & Xbox Live Bug Bounty Program

Apple launches public Bug Bounty Program and delights...

Zero Day Vulnerability in Deutsche Bahn Ticket Machine...

Skype v8.49.0.49 Export History v7 - Persistent Web...

Imperial & Dabman Internet Radio - Undocumented Telnetd...

GPSRP pays researchers for reporting abusiv google...

Apple extends exisiting private bug bounty program at the...

Tue

Jul

New Banana PI R1 SD V3 Case for Devs & PenTesters Available

Submitted by Editorial_Staff_Team on Tue, 07/24/2018 - 11:34

New Banana PI R1 SD V3 Case Available

The Banana Pi R1 is a router based on the same SoC as the M1 Classic Pi. The R1 is an open hardware router that runs on a variety of open source operating systems such as OpenWrt, Android and Bananian. The R1 has a slim router form factor with a bay for 2.5 hard drives. It also has 4 Gigabit LAN ports, 1 Gigabit WAN and 300Mbs Wireless N capabilities.

Banana Pi is an open platform device, it is for everyone who wants to play and build with developer technology instead of just working with consumer technology. Supported by our community it is fun to start a project and build servers. We welcome all companies, DIY enthusiasts and technology enthusiasts to our community! Together we can make a difference, discover our passions, inspire others and build a practical project.

Mon

Jul

Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018

Submitted by Editorial_Staff_Team on Mon, 07/23/2018 - 10:21

Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018

A new solution of the Nightly Build was opened with a bug bounty program from Mozilla Corporation in the last days. With a special variant of the Nightly Builds of the Firefox browser, users can search for memory errors completely automatically. Mozilla even wants to distribute rewards for reports submitted in this way.