Tuesday, March 13, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
Bug Bounty Program increases payments for researchers in 2018 Today in the morning the paypal inc bug bounty program updated again within one month the official bug bounty program conditions. The newst update of j.p. morgan increases the payment amounts to a new stage for participating security... + continue reading
Tuesday, February 27, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
PayPal Inc - Venmo Bug Bounty Program Today in the morning paypal inc announced its newst updates of the bug bounty program. The new service is called "Venmo" and became to today official part of the bug bounty program. For the program the official terms and process for submitting... + continue reading
Saturday, February 24, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
Intel Bug Bounty Program for Public Researchers Intel decided latly after the incident of the last year with meltdown, spectre and other security issues that the bug bounty program will expand and be opened to other international security researchers. The upcoming updates are announced in a web... + continue reading
Monday, January 29, 2018
Posted by Editorial_Staff_Team
Reader's rate:
3.6
Banknotes Misproduction security & biometric weakness In the last months vulnerability lab team reviewed the new 20€ & 50€ banknotes of the european central bank. One of our core team researchers identified that for the security sign of the holograms are different components in... + continue reading
Thursday, January 4, 2018
Posted by Editorial_Staff_Team
Reader's rate:
4.833335
Independent Researcher scores in Wickr Inc Bug Bounty Program The security researcher Hanno Horrmeyer uncovered a vulnerability in the wickr inc ios and android application in 2017 Q1-2. He began to research for other program participants and teams after his disclosure to the bug bounty program... + continue reading
Friday, November 24, 2017
Posted by Editorial_Staff_Team
Reader's rate:
4.5
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public corporation at the stock-market and reliable for the most german or european volksbanks. Fiducia... + continue reading
Friday, October 20, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
Google Play Store starts Bug Bounty Program for Apps Today the google security team announced to startup a new bug bounty program for the google play store android application. The program is open to random developers and chosen constituents of researchers. In a public blogpost the company... + continue reading
Friday, September 22, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
German security experts speech in front of 31,000 people The german security expert and ceo of the evolution security gmbh and founder of the vulnerability laboratory was invited as keynote speaker to the official internet security conference 2017 in beijing china. In 2017 the official topic of... + continue reading
Monday, August 14, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
Apple iOS v10.2 & v10.3 - SMS Reply & Answer Function During the last months we had setup a mobile forensic laboratory in our office to reproduce and uncover more new mobile zero-day vulnerabilities. Our first investigation was in a code lock functions of the settings - passcode module... + continue reading

Featured Cooperative Security Articles

Thursday, 29/03/18 - 1 comment(s)
Microsoft Skype Mobile v8.x - Remote Denial of Service Vulnerability Vulnerability Labs core team discovered a new denial of service vulnerability and rendering problem in Skype Mobile Client v8.12 and v8.13 this week. The vulnerability can be triggered by sending a special smiley (emoticon) content message remotely. The security problem can... + continue reading
Tuesday, 13/03/18 - 1 comment(s)
Bug Bounty Program increases payments for researchers in 2018 Today in the morning the paypal inc bug bounty program updated again within one month the official bug bounty program conditions. The newst update of j.p. morgan increases the payment amounts to a new stage for participating security researchers. The announced updates include... + continue reading

TOP SECURITY STORIES

Monday, 29/01/18 - 0 comment(s)
Banknotes Misproduction security & biometric weakness In the last months vulnerability lab team reviewed the new 20€ & 50€ banknotes of the european central bank. One of our core... + continue reading

BUG BOUNTY ISSUES

Tuesday, 13/03/18 - 1 comment(s)
Bug Bounty Program increases payments for researchers in 2018 Today in the morning the paypal inc bug bounty program updated again within one month the official bug bounty program conditions. The... + continue reading

VULNERABILITIES & BUGS

BEST SECURITY VIDEOS

Tuesday, 25/08/15 - 0 comment(s)
PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

LAB MAGAZINE ISSUES

Wednesday, 12/03/14 - 1 comment(s)
Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

IT-SECURITY EVENTS

Friday, 24/11/17 - 1 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading
Mon
29
Jan
Editorial_Staff_Team's picture

Banknotes Misproduction security & biometric weakness

Banknotes Misproduction security & biometric weakness

In the last months vulnerability lab team reviewed the new 20€ & 50€ banknotes of the european central bank. One of our core team researchers identified that for the security sign of the holograms are different components in usage. The security signs are build by the European Central Bank with several high profile elements in the signs to ensure, that the banknotes has a serious level of protection again fraud or fake money. After processing some time to identify an impact, we were finally able to identify the following security problematic.

Thu
04
Jan
Editorial_Staff_Team's picture

Wickr Inc - App Clock & Message Deletion Glitch

Independent Researcher scores in Wickr Inc Bug Bounty Program

The security researcher Hanno Horrmeyer uncovered a vulnerability in the wickr inc ios and android application in 2017 Q1-2. He began to research for other program participants and teams after his disclosure to the bug bounty program was not correctly acknowledged. After a short  conversation we decided to cover the hannos research as independent vulnerability laboratory researcher to assist him without any charges. If you believed until today that wickr really securly deletes your messeges, you will in a minute think different about that topic. The vulnerability details read as follows and was acknowledged finally with a bug bounty in 2017 Q4.

Pages

Subscribe to Vulnerability Magazine - Bug Bounties, Acknoweldgements & Security Research RSS