Meet the Hacker: europa: “I always trust my gut when I get the feeling that something is there”
Meet the hacker europa, a white hat hacker on the Detectify Crowdsource platform. He is based in Italy with a great passion for infosec and…
Category: Mix
NIST Overhauls “Security and Privacy Controls” and Emphasizes VDP as a Best Practice
Back in 2005, the Computer Security Resource Center (CRSC) published NIST 800-53: the “Security and Privacy Controls for Information Systems and Organizations” publication. This Special…
Detectify security updates for 10 January
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from…
HackerOne is Excited to Launch Triage Ratings for Customers and Hackers
For customers and hackers, the triage experience is central to hacker-powered security. Our triagers consist of a globally distributed team of security analysts that triage…
What is server side request forgery (SSRF)?
Update: SSRF has been nominated in the new OWASP Top 10 of 2021. The list is currently pending peer reviews, but it would not be…
US Government Mandates Vulnerability Disclosure for IoT
This year has seen a rapid acceleration in the American government’s efforts to secure federal and state cyber infrastructure. This momentum has continued with the…
8 ways to create better cybersecurity awareness with a limited budget
Not all cybersecurity budgets are made equal, and for some that means having too many or too few tools. For others this means having few…
Announcing the HackerOne Brand Ambassadors
HackerOne Brand Ambassadors are leaders who have a passion to bring the community together in their local city or region. We are excited to announce…
Detectify security updates for 23 January
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from…
No. 380 – LLM-Mind-Reading, Automated War, Rusty Sudo, Eliezer Bitterness Theory…
Happy Conflu week, Well, I got sick (again) from RSA. The swag at these cons continues to decline. Still shipped an abridged newsletter though.…
HackerOne Joins AWS Marketplace as Cloud Vulnerabilities Rise
Addressing security risks at scale is more important than ever. With a global pandemic accelerating digital transformations, organizations are shipping new products and services at…
Eray Mitrani: Stumbling upon a new way to exploit authorization bypass in Jira
Eray Mitrani works for Nokia Deepfield where they are providing network analytics and DDoS-protections. He is also a security researcher in the Detectify Crowdsource community.…