Bypassing Cloudflare WAF with the origin server IP address
This is a guest blog post from Detectify Crowdsource hacker, Gwendal Le Coguic. This is a tutorial on how to bypass Cloudflare WAF with the…
Latest Cybersecurity News — Page 5655
View all →
Faulty Network Router Disposal Puts Firms At Risk: ESET
Secure data destruction and network router disposal go hand in hand when it comes to office network security. However, a recent study by the ESET…
ANNOUNCING HACK THE ARMY 3.0 RESULTS: A CONVERSATION WITH DEFENSE DIGITAL SERVICE, U.S. ARMY, AND HACK THE ARMY 3.0’S TOP HACKER
Five years after the Defense Digital Service (DDS) launched the first-ever U.S. federal government bug bounty Challenge, we’re pleased to announce the results of Hack…
Meet the Team: Emelie Andersson – Building a fast-flying sales team
Swedish west coast native Emelie Andersson moved to the other side of the country 6 years ago to pursue a career in software sales. Today…
60 Days of Insights from the DOD’s Defense Industrial Base Vulnerability Disclosure Program Pilot
In April of 2021, the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) pilot kicked off a twelve-month program to invite security researchers to hunt for…
Introducing Asset Inventory: stay on top of your web asset security
Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps…
Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws
Tech giants Apple, Microsoft, and Google each fixed major security flaws in April, many of which were already being used in real-life attacks. Other firms…
AresLoader Camouflaged As A Citrix Project Sold For A $300 Subscription On GitHub
A new loader that is used to run and install additional malware on targeted systems was found by researchers at the Cyble Research and Intelligence…
How Hackers Can Help Reduce Your Organization’s Application Risk on AWS
HackerOne recently hosted AWS and a panel of expert ethical hackers to discuss how Server-Side Request Forgery (SSRF) vulnerabilities and cloud misconfiguration are ripe environments for hackers to discover…
Detectify now checks for File Disclosure in SSL VPNs – Pulse Secure and Fortinet
Pulse Secure and Fortinet have announced advisories detailing a critical vulnerability found that enables an unauthenticated user to conduct file disclosure in SSL VPN. Thanks…
Citrix’s Hacker-Powered Security Growth Plan: Q&A with Abhijith Chandrashekar
With over 400,000 customers, Citrix is a recognized industry leader in both digital workspace technology and in its approach to hacker-powered security. Spearheaded by Abhijith Chandrashekar,…
Week in review: PaperCut vulnerabilities, VMware fixes critical flaws, RSA Conference 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSA Conference 2023RSA Conference 2023 took place at the Moscone…