Bug Bounty

New Cloud Services, High Severity Issues & Invitation Only

In the last 6 years the public bug bounty program of barracuda networks helped to improve the security of their active product series. At the beginning the program was running independently but about 1 and  a half year ago the service went into the open crowd. Dave Farrow one of the leading managers in the company of barracuda networks announced today, that the official bug bounty program will move to improve the new cloud services series.

In the followup lines of his blog post he says "We are applying that same philosophy to our Security Bug Bounty Program. Couple of key things to note on the upcoming changes".

Facebook API v2.1 hit by RFC6749 Open Redirect Attack Vulnerability

The vulnerability laboratory core team researcher "SaifAllah benMassaoud" discovered a zero-day RFC6749 Open Redirector Attack in Facebook API v2.1. The RFC6749 Open Redirector Attack vulnerability allows remote attacker to prepare manipulated client-side application to browser requests which is specially crafted to take them to an arbitrary website, the target website could be used to serve a malware attack.