What a week! – HackerOne at WIRED Security
This week has been a whirlwind here at HackerOne! In addition to announcing a new partnership with the U.S. Department of Defense and the winners…
Month: May 2023
Bandit Malware Attacks Browsers to Steal Financial Data
Bandit Stealer, a recently discovered information stealer by Trend Micro, effectively targets cryptocurrency wallets and web browsers while skillfully avoiding detection. The malware prioritizes Windows…
A HackerOne Thanksgiving | HackerOne
As a hacker, you know the best security bugs you reported to each program: the epic find in a popular cryptographic software library, the can’t-miss…
New GobRAT Remote Access Trojan Targeting Linux Routers in Japan
May 29, 2023Ravie LakshmananLinux / Network Security Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. “Initially,…
Top Vulnerability Reports of Third Quarter, 2016
It’s time for the third installment of Top 5 Vulnerability Reports on HackerOne. What a quarter! We sweated through the Vegas conferences, Hacked the World…
SeigedSec Claims Central Board Of Accountants Cyber Attack
As part of the ongoing operation ‘OpColombia’, the hackers of the SeigedSec group added two more targets to their victim list. Cybersecurity researchers tweeted about…
Marten Mickos wants to let a million hackers loose on corporate America
This first appeared in the San Francisco Business Times on November 3, 2016. View the original article here: http://www.bizjournals.com/sanfrancisco/news/2016/11/03/marten-mickos-hackerone-hackers-bugs-bounties.html Marten Mickos in SFBT Marten Mickos…
Don’t Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
A new phishing technique called “file archiver in the browser” can be leveraged to “emulate” a file archiver software in a web browser when a…
API Update Announcement: Report State Changes and Submission Comments
Communication is one of the keys to success in running a bug bounty program. From facilitating more than 650 bug bounty programs, we’ve learned that…
Driving secure-by-design principles | Computer Weekly
It is largely recognised among the IT security community that there is a direct correlation between the quality of code – as a percentage of…
Critical OAuth Framework Flaw Let Attackers Hijack Accounts
OAuth is the modern authentication mechanism most applications use to ease off the signing by creating a cross-allow application access delegation. However, recent discoveries from…
NoName DDoS Attacks Continue; London Airport, BCC Roma Hit
NoName DDoS attacks have been a clear and present threats to pro-Ukraine nations for a year. This time, the Pro-Russian hacker group has listed government…