What Is an Information Disclosure Vulnerability? [Examples]
HackerOne’s 7th Annual Hacker-Powered Security Report states that information disclosure is the third most common vulnerability reported in both bug bounty and pentest. It makes up…
Category: Mix
Revolutionizing healthcare security: moving beyond pentesting
The healthcare sector remains a prime target for cybercriminals, with 90% of healthcare institutions experiencing at least one security breach in the last few years. And…
Keep Hackers Out of Your Kubernetes Cluster with These 5 Simple Tricks!
Securing Kubernetes clusters may feel overwhelming, as it’s often challenging to prioritize security investments and focus on what matters. In this post, we review real-world…
Two different IDOR bugs at mijn.VvAA.nl lead to potential access to data of 130k healthcare providers; including their own cyber risk insurance policy documents and more. | by Jonathan Bouman | Mar, 2024
Today we are going to have a close look at the VvAA, it’s one of the biggest insurance and consulting companies used by doctors and…
Misconfigured API endpoint on portal.skge.nl leaks PII data of registered healthcare providers | by Jonathan Bouman | Mar, 2024
Ransomware attacks in healthcare are our biggest threat according to the annual report of Z-Cert.nl. In this report it’s mentioned that the vendors of the…
Smuggling with JSON | HAHWUL
JSON은 YAML과 함께 자주 사용되는 포맷 중 하나입니다. K:V 형태의 단순한 구성이지만, JSON의 특성을 이용하면 데이터를 숨기고 Application의 잘못된 동작을 유도할 수 있습니다. 오늘은 Insignificant…
AI Safety vs. AI Security [2 Types of AI Red Teaming]
What Is the Difference Between Red Teaming For AI Safety and AI Security? AI red teaming is a form of AI testing to find flaws…
Decoding the Characteristics of Modern Pentesting: Effectiveness
Quality/Effectiveness: Effectiveness measures the method’s ability to provide reliable and accurate vulnerability detections, comprehensive system coverage, compliance with standards, and a diverse testing team for…
Reversing The Trend: Support and Mediation Win as a Team
It was a daunting task, especially considering the target was hovering around 52% at the time. But as the team responsible for supporting our customer…
Meet the hacker: HG_Real – Intigriti
In cybersecurity, ethical hackers are like digital guardians, keeping our online world safe. Game hacking adds a twist to this, giving hackers a chance to…
Announcing Intigriti’s Brinqa Integration – Intigriti
We’re happy to announce Intigriti’s latest partnership with Brinqa, a leader in vulnerability management. This integration marks a significant step forward in managing and prioritizing…
NIS2 Directive, CER, and DORA compliance challenges
**Disclaimer: The content of this blog post is for general information purposes only and is not legal advice. We are very passionate about cybersecurity rules…