Improvements to fingerprinted technologies, IP data, and the attack surface
We’ve made several improvements to how users can interact with their fingerprinted technologies data, grouping IP data by several parameters, and viewing the latest changes…
Category: Mix
Wallarm at OWASP Global AppSec DC 2023
If you’re involved in securing APIs, applications and web applications, or looking to learn about these, then the OWASP Global AppSec DC Conference next week…
Riva Tez vs. David Perell
ExWis is a project that Extracts Wisdom from textual content, whether that’s a podcast conversation, an interview, a presentation, an essay, an article—basically whatever. The…
[tl;dr sec] #205 – Resume Prompt Injection, CVE PoCs, Server-side Sandboxing
I hope you’ve been doing well! 🤦 New Level Achieved OK I’m a little embarrassed to share this, but I trust you, dear reader. I…
Smart Pension launches a Vulnerability Disclosure Program on Intigriti
Smart Pension, one of the fastest-growing financial technology companies in the UK, is launching its Vulnerability Disclosure Program (VDP). Ever since Smart Pension’s launch in…
How to Get Samantha from Her or TARS from Interstellar on Your iPhone/Android
Pick between Samantha from Her or TARS from Interstellar OpenAI just added super-high-quality voices to ChatGPT, and you can now start a 2-way conversation with…
How HackerOne Is Building Responsible Generative AI (3 Use Cases)
HackerOne’s AI can already be used to: 1. Help automate vulnerability detection, using Nuclei, for example 2. Provide a summary of a hacker’s history across…
Application Layer Gateways (ALG): A Detailed Overview
Snippet When you hear “Application Layer Gateway,” or ALG for short, think of it as a network traffic conductor. It’s the unsung hero that examines…
HackerOne’s EPSS Integration for Better CVE Scoring and Remediation
At HackerOne, we’ve always been committed to helping customers navigate the complex landscape of prioritizing vulnerability remediation. The CVE Discovery feature in Hacktivity is instrumental…
Bug Bytes #215 – Hackers in Lisbon, AI bug bounty and is this the end?
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
Quotes
I enjoy having my own list of quotations for two reasons: I hate not remembering my favorites. Favorite quotes serve to define a person rather…
Leaking Session Tokens with CVE-2023-4966
Introduction It’s time for another round Citrix Patch Diffing! Earlier this month Citrix released a security bulletin which mentioned “unauthenticated buffer-related vulnerabilities” and two CVEs.…