Apple Blocked Over $2 Billion in Fraudulent Transactions
Apple published a report claiming that they prevented around $2 billion of potentially fraudulent transactions in 2022 and rejected around 1.7 million app submissions as…
Month: May 2023
[tl;dr sec] #182 – Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes
Hey there, I hope you’ve been doing well! 📢 ICYMI AppOmni recently released a free tool that can evaluate your Salesforce instances for misconfigurations and…
Hacker101 CTF++: Find flags, get private bug bounty program invitations
Hacker101 CTF++ Three months ago, we introduced the Hacker101 CTF: A fresh new way to apply your hacking skills to real-world challenges, no matter your…
Enhancing open source security: Insights from the OpenSSF on addressing key challenges
In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on…
OWASP TOP 10: Missing Function Level Access Control
Missing Function Level Access Control is one of the vulnerabilities on OWASP’s Top 10 list and occurs when authentication checks in request handlers are insufficient. A…
Organizations’ cyber resilience efforts fail to keep up with evolving threats
A steady increase in cyberattacks and evolving threat landscape are resulting in more organizations turning their attention to building long-term cyber resilience; however, many of…
Identity crimes: Too many victims, limited resources
The Identity Theft Resource Center (ITRC) has documented incidents of identity theft reported during 2022 and the first quarter of 2023, highlighting the use of…
Introducing Hacker Dashboard: Your personalized HackerOne overview
Earlier this month, we introduced the all-new Program Directory with a fresh set of metrics and better filtering. Now, we’re taking it a step further…
University of Sydney to keep backing Azul Java runtime – Software
University of Sydney’s Emiliano Fisanotti. The University of Sydney is set to renew its use of Azul’s Java platform after switching from an Oracle Java…
OWASP TOP 10 2013: Cross-site Request Forgery – CSRF
Cross-site Request Forgery (CSRF) is one of the vulnerabilities on OWASP’s Top 10 list. Its an attack used to make requests on behalf on the user.…
PharMerica breach impacts almost 6 million people
US pharmacy giant PharMerica has reported a cybersecurity incident that affects over 5.8 million people. The data theft has been claimed by ransomware group Money…
Test your hacking skills on real-world simulated bugs
Hacktivity is a treasure trove of vulnerability data and tactics. You’ve got newly published reports from across the web, staple programs that believe in the…