CISA warns govt agencies of recently patched Barracuda zero-day
CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. Barracuda says its security solutions…
Month: May 2023
Announcing the Largest DoD Bug Bounty Challenge Ever: Hack the Air Force
The Air Force is asking hackers to take their best shot following the success of Hack the Pentagon and Hack the Army bug bounty challenges.…
HackerOne and JIRA integration update: more improvements, fewer clicks
Last month, we announced a major improvement to how HackerOne integrates with JIRA. We’re following that up with more good news around making simple cross-platform…
Ethical considerations of access to the HackerOne community
Since its founding, HackerOne has been on a mission to empower the world to build a safer internet. HackerOne helps over 800 diverse organizations collaborate…
Bug Bounty Programs — Why Should I Care?
Why should I care about bug bounty programs? Every digital company has software vulnerabilities, and they get expensive in case of a breach. The cost…
HackerOne’s Approach to Triage | HackerOne
By Jobert Abma This is part 1 in a series of blog posts on HackerOne’s Triage Services. Triage is critical to any vulnerability disclosure process…
Netflix’s Password-Sharing Crackdown Has Hit the US
TikTok user data is exposed to Chinese ByteDance employees, a screen recording app goes rogue in Google Play, and privacy groups want Slack to expand…
Visual Guide to Bug Bounty Programs
The Bug Bounty Field Manual is the definitive guide on how to plan, launch, and operate a successful bug bounty program. But 10,283 words is…
Tesla Data Leak Exposes Thousands Of Safety Complaints
According to a report in the German newspaper Handelsblatt, Tesla Inc consumers made over 2,400 complaints about self-acceleration issues and 1,500 complaints about brake problems between…
Register Now to Hack the US Air Force
Hackers, do you have what it takes to hack the U.S. Air Force? Register now to participate in the Department of Defense’s largest bug bounty…
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
May 27, 2023Ravie LakshmananAPI Security / Vulnerability A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework…
Put Your Security to the Test: Introducing HackerOne Challenge
Today we launch a new product, designed for every security team that runs periodic testing of web applications. HackerOne Challenge is modeled after the time-bound…