MICROSOFT SAYS: RUSSIAN SOLARWINDS HACKERS HIT U.S. GOVERNMENT AGENCIES AGAIN
According to the New York Times, Microsoft says the state-backed Russian hacker group Nobelium—the same actor behind the 2020 SolarWinds attacks—took control of the State…
According to the New York Times, Microsoft says the state-backed Russian hacker group Nobelium—the same actor behind the 2020 SolarWinds attacks—took control of the State…
Xavier Blasco (a.k.a Lerhan) is a 23-year old security researcher on the Detectify Crowdsource Platform. He’s passionate about security and found a way in through…
Last week, HackerOne joined WhiteSource, AWS, and IGT for a roundtable discussion about the new security challenges of digital transformation. Both existing organizations making the digital shift and…
We have written about Content Security Policy (CSP) on Detectify Labs before. But maybe you’re wondering why should you have it on your site to…
Amazon’s Live Hacking Event with HackerOne At Amazon, ensuring security is essential for earning customers’ trust. As part of Amazon’s ongoing public Vulnerability Research Program (VRP),…
There are times where an attacker can hack a system and yet nothing is sent back, and this is classified as a blind vulnerability. This…
Reducing risk is the fundamental reason organizations invest in cybersecurity. The threat landscape grows and evolves, creating the need for a proactive, continual approach to…
This is a guest blog post from Detectify Crowdsource hacker, Gwendal Le Coguic. This is a tutorial on how to bypass Cloudflare WAF with the…
Five years after the Defense Digital Service (DDS) launched the first-ever U.S. federal government bug bounty Challenge, we’re pleased to announce the results of Hack…
Swedish west coast native Emelie Andersson moved to the other side of the country 6 years ago to pursue a career in software sales. Today…
In April of 2021, the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) pilot kicked off a twelve-month program to invite security researchers to hunt for…
Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps…