Vulnerability Magazine - Bug Bounties, Acknoweldgements & Security Research | Vulnerability Magazine - Bug Bounties, Acknoweldgements & Security Research

Google Expands Vulnerability Reward Program - Combat Platform Abuse in 2018

Monday, August 20, 2018

Posted by Editorial_Staff_Team

Reader's rate:

Google Expands Existing Bug Bounty Program in 2018 Google now wants to reward security researchers who are able to report methods of misuse of googles product series. Google has expanded its bug bounty program to include rewards that go beyond reporting specific vulnerabilities. Security... + continue reading

New Banana PI R1 SD V3 Case for Devs & PenTesters Available

Tuesday, July 24, 2018

Posted by Editorial_Staff_Team

Top Stories

0 comment(s)

Reader's rate:

New Banana PI R1 SD V3 Case Available The Banana Pi R1 is a router based on the same SoC as the M1 Classic Pi. The R1 is an open hardware router that runs on a variety of open source operating systems such as OpenWrt, Android and Bananian. The R1 has a slim router form factor with a bay for 2.5... + continue reading

Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018

Monday, July 23, 2018

Posted by Editorial_Staff_Team

Top Stories

0 comment(s)

Reader's rate:

Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018 A new solution of the Nightly Build was opened with a bug bounty program from Mozilla Corporation in the last days. With a special variant of the Nightly Builds of the Firefox browser, users can search for memory errors... + continue reading

Hacker Injects Arbitrary Codes to Main Lead Database of Adobe Systems

Thursday, July 19, 2018

Posted by Editorial_Staff_Team

Top Stories

0 comment(s)

Reader's rate:

Vulnerability Affecting Main Lead Database of Adobe Systems Within the last years the vulnerability lab core research team and individuals around the lab infrastructure discovered a lot of zero-day vulnerabilities to the psirt team of adobe system. More and more issues was resolved during the... + continue reading

New Bug Bounty Program for Identity Technologie by Microsoft

Wednesday, July 18, 2018

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

Microsoft Starts New & Unique Identity Bug Bounty Program Today the microsoft corporation started a new bug bounty program for the microsoft online identity server technology. To further increase the safety of its customers, the tech giant has launched a completely new and independent bug... + continue reading

New HackRF Case for Devs & Pentesters Released (ABS & PLA)

Wednesday, July 11, 2018

Posted by Editorial_Staff_Team

Top Stories

1 comment(s)

Reader's rate:

New HackRF Case Available (ABS & PLA) HackRF One first version is part of great scott gadgets which is a software defined radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. The HackRF One can send and receive almost any radio signal. This allows... + continue reading

AT&T Corporation - Lab uncovers new details about BizCircle Vulnerabilities

Thursday, July 5, 2018

Posted by Editorial_Staff_Team

Bug Bounty

2 comment(s)

Reader's rate:

AT&T BizCircle - Frontend & Backend Vulnerabilities Last month, researchers in our laboratory conducted in-depth safety tests on the AT&T BizCircle Platform. This has identified a number of security holes that AT&T has now eliminated. The core researchers in the laboratory go... + continue reading

PayPal Inc Increases Bug Bounty Payments in 2018 up to 30.000$

Tuesday, March 13, 2018

Posted by Editorial_Staff_Team

Bug Bounty

1 comment(s)

Reader's rate:

Bug Bounty Program increases payments for researchers in 2018 Today in the morning the paypal inc bug bounty program updated again within one month the official bug bounty program conditions. The newst update of j.p. morgan increases the payment amounts to a new stage for participating security... + continue reading

PayPal Inc Updates the Bug Bounty Program with Venmo Payments Services

Tuesday, February 27, 2018

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

PayPal Inc - Venmo Bug Bounty Program Today in the morning paypal inc announced its newst updates of the bug bounty program. The new service is called "Venmo" and became to today official part of the bug bounty program. For the program the official terms and process for submitting... + continue reading

Featured Cooperative Security Articles

Google Expands Vulnerability Reward Program - Combat Platform Abuse in 2018

Monday, 20/08/18 - 0 comment(s)

New Banana PI R1 SD V3 Case for Devs & PenTesters Available

Tuesday, 24/07/18 - 0 comment(s)

This Week Most Popular

BUG BOUNTY ISSUES

Google Expands Vulnerability Reward Program - Combat Platform Abuse in 2018

Monday, 20/08/18 - 0 comment(s)

New Bug Bounty Program for Identity Technologie by Microsoft

18/07/18 - 0 comment(s)

AT&T Corporation - Lab uncovers new details about BizCircle Vulnerabilities

05/07/18 - 2 comment(s)

PayPal Inc Increases Bug Bounty Payments in 2018 up to 30.000$

13/03/18 - 1 comment(s)

VULNERABILITIES & BUGS

Lab Researcher discovered Microsoft Skype Denial of Service Vulnerability

Thursday, 29/03/18 - 1 comment(s)

Microsoft Skype Mobile v8.x - Remote Denial of Service Vulnerability Vulnerability Labs core team discovered a new denial of service vulnerability and rendering problem in Skype Mobile Client v8.... + continue reading

Apple iOS v10.2 & v10.3 - SMS Reply Access Permission Vulnerability

14/08/17 - 2 comment(s)

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

28/05/17 - 2 comment(s)

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

10/11/16 - 0 comment(s)

BEST SECURITY VIDEOS

PayPal Inc patched medium severity Cross Site Request Forgery Issue

Tuesday, 25/08/15 - 0 comment(s)

PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

13/08/15 - 8 comment(s)

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

11/08/15 - 0 comment(s)

Ebay Inc coordinated patch of 3 Magento Vulnerabilities (IVE, XSS & CSRF)

23/06/15 - 1 comment(s)

LAB MAGAZINE ISSUES

Welcome to "Vulnerability Magazine"

Wednesday, 12/03/14 - 1 comment(s)

Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

IT-SECURITY EVENTS

Edward Snowden free speech at JBFone - Data Security & Privacy

Friday, 24/11/17 - 1 comment(s)

Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading

Internet Security Conference 2017 by Qihoo 360

22/09/17 - 0 comment(s)

Manchester City - Football Club hosts first Hackathon in July 2016

05/07/16 - 0 comment(s)

Hack in the Box | Amsterdam 2015 | HITB

31/05/15 - 3 comment(s)

ARTICLES - IMAGES GALLERY PREVIEW

Google Expands Vulnerability Reward Program - Combat...

New Banana PI R1 SD V3 Case for Devs & PenTesters...

Mozilla's New ASan Nightly Build Project Bug Bounty...

Hacker Injects Arbitrary Codes to Main Lead Database of...

New Bug Bounty Program for Identity Technologie by Microsoft

New HackRF Case for Devs & Pentesters Released (ABS...

AT&T Corporation - Lab uncovers new details about...

Lab Researcher discovered Microsoft Skype Denial of Service...

PayPal Inc Increases Bug Bounty Payments in 2018 up to 30....

PayPal Inc Updates the Bug Bounty Program with Venmo...

Intel expands the own Bug Bounty Program for Security...

Banknotes Misproduction security & biometric weakness

Wickr Inc - App Clock & Message Deletion Glitch

Edward Snowden free speech at JBFone - Data Security &...

Google starts new - Security Reward Program for Android Apps

Internet Security Conference 2017 by Qihoo 360

Apple iOS v10.2 & v10.3 - SMS Reply Access Permission...

Stack Buffer Overflow Zero Day Vulnerability uncovered in...

PayPal Inc announces 2 new Bug Bounty Program Domains

Telekom Cloud & Web SSO vulnerable to Bypass &...

Thu

May

PayPal Inc Bug Bounty - Researcher discovered filter bypass & persistent input validation issue 2014Q2

Submitted by Editorial_Staff_Team on Thu, 05/15/2014 - 13:57

The famous pakistani vulnerability researcher and security consultant Ateeq ur Rehman Khan (vulnerability lab core team) discovered a high severity issue in the paypal shipping application api. PayPal MultiOrder Shipping (MOS) is a tool that helps eBay businesses save time by allowing them to print up to 50 US Postal Service shipping labels at a time directly from their PayPal accounts.

The vulnerability has been reported by Ateeq ur Rehman in 2013 Q4 via Vulnerability Laboratory to the official PayPal Inc bug bounty program. The program provides a responsible disclosure policy to individuals and researchers.

Mon

Apr

German Telekom Bug Bounty Program - Scope changes! Exclude of 3 Bug Types

Submitted by Editorial_Staff_Team on Mon, 04/14/2014 - 22:53

The official Telekom Bug Bounty Program announced since december 2013 that in 2014 the vulnerability scope guidlines became a persistent upgrade.

A lot of unauthorized individuals have submitted a lot of client-side cross site scripting vulnerabilities by usage of public security scanners software/scripts.

The reports overflowed the telekom program and as consequence a major update to change came up by exclude of several "small" attacks vectors.

They do not block to receive client-side cross site issues because they also need to patch them but the main scope has been changed to major security issues in 2014.

The german telekom decided to disallow to reward the following categories of bugs: