Hacking the U.S. Air Force (again) from a New York City subway station
New York City during the holidays. Magical. Bringing together hackers from around the world to legally hack the U.S. Air Force. Double the magic. On…
Category: Mix
Malicious Data Mining @ HyperIsland
Johan Edholm and I (Fredrik Nordberg Almroth) had a talk a while back at HyperIsland, Stockholm (the 18’th of October) for the DDS13 group. The purpose of the talk…
Bug Bytes #201 – Path Traversal, Prompt Injection, and GitHub Actions
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
Alex Rice and Zane Lackey Discuss Modern Security for Practitioners
Our co-founder and CTO, Alex Rice, was a recent guest on The Modern Security Series by Signal Sciences, along with Signal Sciences’ co-founder and CSO,…
How I hacked Facebook and received a $3,500 USD Bug Bounty
Find out how our Security Researcher Frans Rosén hacked Facebook and found a stored XSS for which he received a bug bounty reward. I recently found…
Samy Kamkar’s Security@ San Francisco Keynote
If you were into social networks during the MySpace era, you might recall the Samy Worm of 2005. The worm spread through friend invitations, infecting…
Server-side Javascript Injections and more!
Today’s updates fill the needs of many of you out there! You asked for it, and now it’s in the Detectify engine! Here’s a breakdown…
Hacking The Planet – Hack The World 2017 Recap
After 1 month of our community’s best and brightest going head to head to be named Hack The World 2017 champion, we are ready to…
Detectify Responsible Disclosure Program – Detectify Blog
As of today, researchers can report security issues in Detectify services to earn a spot on our Hall of Fame as well as some cool…
Bringing Private-sector Security into the U.S. Government [Security@ Recaps]
“Hacking the U.S. Government” was the first panel discussion at Security@ SF, and it proved to be as interesting as you would expect. Jeff John…
How we got read access on Google’s production servers
Few things are better than a good ethical hacking challenge and what could be more fun than finding a target that can be used against…
What percentage of your software vulnerabilities have GDPR implications?
GDPR is a regulation requiring organizations to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And…