Sub-Venture Scale Security Problems
Thank you to Kane for coming up with the main thesis and as primary author of this piece. Check out his blog for a lot…
Category: Mix
Launching new domains view and enhanced policies
We’ve recently announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies. These updates bring unprecedented control over…
Vulnerability detected on Veeam Backup Enterprise Manager
On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log…
Hack My Career: Advice from HackerOne Employees
Today, we gathered insights from five HackerOne employees offering career advice to illuminate this journey and provide guidance. Kayla Underkoffler, Senior Security Technologist in Pennsylvania,…
NIST CSF 2.0 and Pentesting: What You Need to Know
In 2014, the National Institute of Standards and Technology (NIST), recognizing the importance of protecting U.S. systems and data against cyberattack, issued its CyberSecurity Framework (CSF). The CSF…
HackerOne Company Values Matter: Execute with Excellence
Since its inception, the Execute with Excellence Award has had three remarkable recipients. Each one shares a unique perspective on what this award and HackerOne’s…
Podcast Summary: Dwarkesh vs. Leopold Aschenbrenner
This is a Fabric conversation extraction (using the extract_wisdom_dm pattern) of the 4-hour conversation between Dwarkesh and Leopold about AGI and other topics. SUMMARY Leopold…
Cybersecurity: Why ROI Isn’t Always a Meaningful Metric
Cybersecurity investments are crucial for businesses of all sizes, but determining the return on investment (ROI) of these investments can be complex. Conventional ROI methodologies…
Analysis of Mics and Mic Sounds Used by Podcasters
I think I’ve finally figured out what’s up with podcast audio. At least in terms of: So what I’m going to do is just blast…
3 Bug Bounty Lessons From Retail & eCommerce Customers
How do security vulnerabilities uniquely impact the retail and eCommerce space, and how can retail and eCommerce organizations use ethical hackers to mitigate risk? We…
Top 10 AI Embarrassments to Avoid
Unlike traditional security flaws, which typically result in data breaches or service disruptions, AI systems can also cause embarrassment through errors in judgment, biased decision-making,…
CVE-2024-24919: Check Point’s Quantum Gateway comes under Attack as Hackers exploit Zero-Day Vulnerability
Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs…