Are you running Magento version before 2.0.6.? Time to upgrade!It was recently discovered that all Magento versions before 2.0.6. (both Community and Enterprise Edition) are vulnerable against an unauthenticated Remote…
“To improve the security of their connected systems, every corporation should have a vulnerability disclosure policy that allows them to receive security submissions from the…
We have listened to your feedback and added several requested features to our service. Ability to remove tags that have previously been added to specific…
Hacktivity can save your company. Take help from hackers. You can’t do it alone. Approach hackers with an assumption of benevolence, and develop relationships with…
Insecure Direct Object Reference allows attackers to manipulate references to gain access to unauthorized data. A proof of concept video follows this article. OWASP is a non-profit…
In the last two parts of this series, we discussed the AWS Shared Responsibility Model. We started with keeping your private keys private and then…
We’ve got some cool events coming up and we’re looking forward to discussing security at tech conferences, meetups and webinars. Check out this blog post for…
“I think we found something good,” said hackers @sumlac, @teknogeek, and @johnny said to a member of the MARFORCYBER team at the kickoff live hacking…
Sucuri recently discovered a stored XSS in all versions from 2.0 (released in November 2012) of the popular WordPress plugin Jetpack. The plugin has over 1 million active…
In 2016, the DoD said Yes to cyber help by launching the Hack the Pentagon program. It took 13 minutes for them to receive their…
On May 11th, we co-organised a PHP security meetup together with PHP Stockholm at SUP46, where our knowledge advisor Frans Rosén talked about vulnerabilities and…
For the first time, HackerOne kicked off fall by migrating south. Way south. All the way to Buenos Aires, Argentina! Oath, a media and tech…
