DevSecOps: Bridging the Gap Between Security and Development
At HackerOne’s recent 2021 Security@ conference, we spoke to Mike Hanley, CSO at GitHub. As a company that prizes security while serving tens of millions…
Author: Cybernoz
Photos: RSA Conference 2023 Early Stage Expo
RSA Conference 2023 is taking place at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important…
Detectify releases new and improved integrations
Integrations are intended to make work and the flow of information smoother. In our case, the integrations expedite critical vulnerability information found by Detectify to…
Photos: RSA Conference 2023, part 3
RSA Conference 2023 is taking place at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important…
LimeRAT Malware Analysis: Extracting the Config
Apr 27, 2023The Hacker NewsMalware Analysis / Cyber Threat Remote Access Trojans (RATs) have taken the third leading position in ANY. RUN’s Q1 2023 report…
Let Remote Attackers Launch XSS
A zero-day flaw in Cisco’s Prime Collaboration Deployment (PCD) software that can be used to launch cross-site scripting attacks has been identified. “A vulnerability in…
[tl;dr sec] #179 – BSidesSF Summaries, Attacking Kubernetes, OpenAI + Burp Suite
Hey there, I hope you’ve been doing well! Conference Montage I have some amusing anecdotes from BSidesSF and RSA that I want to share, but…
SLP Protocol Bug Lets Attackers Launch 2,200x DDoS Attack
The Service Location Protocol (SLP) has been found to have a new reflective Denial-of-Service (DoS) amplification vulnerability. Threat actors can exploit this vulnerability to execute…
Brace Yourself for the 2024 Deepfake Election
“It consistently amazes me that in the physical world, when we release products there are really stringent guidelines,” Farid says. “You can’t release a product…
Google Cloud seals bug that could have led to data breaches
Google Cloud has fixed a potentially dangerous application programming interface (API) vulnerability in its platform that, had it been exploited by malicious actors, could have…
Jedox’s Journey with HackerOne: A Q&A with CTO, Vladislav Maličević
Vladislav Maličević is the Chief Technology Officer at Jedox, a leading global provider of cloud-based enterprise performance management solutions for Financial Planning and Analysis. Jedox…
PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates
Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro researchers. The detected…