Hack for Good: Easily Donate Bounties to WHO’s COVID-19 Response Fund
The community has come together in some amazing ways to support COVID-19 relief efforts from Marc Rogers’ CTI League, the US Digital Response group helping…
Category: Mix
ACME TLS-SNI-01 shared hosting exploit using Let’s Encrypt
On Tuesday, January 9, Detectify’s security advisor Frans Rosén discovered and reported a security issue in in TLS-SNI-01 validation in Let’s Encrypt. Exploiting the issue…
Live Hacking Goes Virtual | HackerOne
At a time when security must be managed remotely, HackerOne and Verizon Media called on the naturally remote and global community of skilled hackers and…
GDPR security from an ethical hacker’s perspective
Discussions about the GDPR (General Data Protection Regulation) often touch upon security, a topic that few people know as well as ethical hackers. What can…
Universal Business Components (UBC) – Daniel Miessler
Seems like everyone, including me, is talking about how AI is going to take over everything. Cool, but what does that mean exactly? And how…
Slack Increases Bounty Minimums For the Next 90 Days
This blog post was contributed by Slack Staff Technical Program Manager Branden Jordan. Given the success of Slack’s previous promotion and their continued focus on…
Introducing Detectify API v 2
We have released Detectify API v 2 to help you integrate Detectify with your own systems and make it your own. Our old API has…
Hackweek: An insider’s look at HackerOne culture
I’m now a month into my role as Chief People Officer at HackerOne and know I made the right decision to be here. Of course,…
Do not dismiss the small vulnerabilities!
Never dismiss a small vulnerability because its impact on its own is negligible. Seemingly innocent vulnerabilities can be combined into something much more dangerous or,…
The Right Amount of Trauma
I’ve come to believe that there’s an ideal amount of trauma in one’s past. Or at least if you aim to be highly successful at…
Shopify Celebrates 5 Years on HackerOne
Five years ago, Shopify’s small but mighty security team began their hacker-powered security journey with HackerOne. Since then, they have paid out over $1,000,000 in…
WordPress disabled auto update in version 4.9.3
WordPress version 4.9.3 included a great deal of security patches. However, the widely used Content Management System accidentally disabled the auto update functionality in that…