SSO vs MFA/2FA—and the cost of insecure logins
Between 2004 and 2024, passwords topped the list as the most frequently leaked type of data. It’s safe to say that this security measure alone…
We all had to start somewhere in bug bounty hunting and we all made mistakes along the way. Most of these often helped us learn…
A group of vulnerabilities (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177) within OpenPrinting CUPS (the standard open-source printing system present in most Linux distributions) can be chained…
Addressing Inconsistencies in Vulnerability Scanning One of the primary challenges of vulnerability scanning is maintaining consistent results. Inconsistencies can lead to missed vulnerabilities, regression issues,…
Bug bounty programs have proven to be an effective strategy for companies looking to proactively enhance their security posture. As a result, more and more…
Rob Samuels | 24 September 2024 at 10:01 UTC AppSec teams face a wide range of challenges when securing their API estate against attack threats.…
Cloudflare R2 buckets have recently become more popular as an alternative to AWS S3 buckets for their simplicity, integration support and zero-egress fees. Customers who…
The Challenge of Vulnerability Remediation When a vulnerability is identified, teams must determine the best approach to fixing it. This involves analyzing the vulnerability’s impact,…
Efficiency and accuracy are crucial in vulnerability remediation. Yet, repetitive and manual handling of tasks throughout the vulnerability lifecycle remains time-consuming and prone to human…
Today, I stumbled upon an interesting quirk while working on a Chrome Extension project using LazyVim. It’s a classic case of “it works, but not…
I think I just figured out what art is. Took me decades. Here’s my definition, which has two primary components: Indirect expression of something that…