Introducing our improved submission messaging
Today, we’re announcing a major upgrade to our submission messaging system, designed to streamline platform communication and boost efficiency for both researchers and companies on…
Category: Mix
How to optimize your vulnerability management process
Effective vulnerability management is no longer just an IT concern; it’s a fundamental business imperative that affects every layer of an organization. The escalating frequency…
Introducing HackerOne Gateway Internal Network Testing: Superior Security for Internal Networks
Our Solution: Precision Internal Network Testing with Zero Trust Control We are excited to introduce Gateway Internal Network Testing (INT) as the latest enhancement to HackerOne Gateway, powered…
OAuth and PostMessage
Tl;DR; An OAuth misconfiguration was discovered in the redirect_uri parameter at the target’s OAuth IDP at https://app.target.com/oauth/authorize, which allowed attackers to control the path of…
Unlock enhanced API scanning with Burp Suite | Blog
Rob Samuels | 31 July 2024 at 12:17 UTC More comprehensive scans. More vulnerabilities identified. More time saved. Enhance your API scanning with Burp Suite.…
How a GraphQL Bug Resulted in Authentication Bypass
What Is an Authentication Bypass Vulnerability? An authentication bypass vulnerability is a weakness in a system that fails to protect against unauthenticated access, allowing an…
Once Again, Docker Addresses API Vulnerability
Summary A significant vulnerability (CVE-2024-41110) was recently discovered in Docker Engine version 18.09.1.Although the issue was identified and fixed in 2019, the patch did not…
Hidden XSS? No User Interaction!
@kinugawamasato가 정말 멋진 페이로드를 가지고 왔습니다. 최근 글 XSS Bypass: alert_?_(45)에서 이야기 드렸듯이 요즘 XSS 벡터에 대한 리서치가 활발해지고 있는데요, 드디어 Hidden XSS에서 사용자 인터렉션을…
Lessons from HackerOne’s First Recharge Week
Our first-ever Recharge Week – July 1–5, 2024—aimed at giving most company employees a simultaneous week off to rest, pursue hobbies, and spend time with…
How to Use Pentesting for HIPAA Security Compliance
HIPAA regulatory standards outline the lawful use, disclosure, and safeguarding of protected health information (PHI). Any organization that collects or handles PHI must comply with…
Simple, Focused, and Effective: Obsidian Daily Note Setup
.bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; } .bh__table_cell { padding: 5px; background-color: #FFFFFF; } .bh__table_cell p { color: #2D2D2D; font-family: ‘Helvetica’,Arial,sans-serif !important; overflow-wrap:…
Hack My Career: Meet Naz Bozdemir
We talked to Naz Bozdemir, Product Marketing Lead, about her unique path and asked her to share insights into her career. From International Relations to…