Google Upgrades VRP Bug Bounty Platform

Wednesday, July 28, 2021
Posted by Editorial_Staff_Team
Bug Bounty
0 comment(s)
Reader's rate:
5
10th Anniversary - VRP Upgrade Google announced this week on its official security blog that the current bug bounty program will be rebranded for its anniversary. As with other vulnerability disclosure platforms, a gamification model will be used to further motivate the research community.... + continue reading

MSRC extends Bug Bounty Program for Microsoft Teams

Tuesday, April 6, 2021
Posted by Editorial_Staff_Team
Bug Bounty
0 comment(s)
Reader's rate:
5
New Teams Desktop Client Bug Bounty Program Microsoft Teams is a platform developed by Microsoft that combines chat, meetings, notes and attachments. The service is integrated into the Microsoft 365 suite with Microsoft Office and Skype/Skype for Business. In recent weeks, microsoft's msrc... + continue reading

Ebay Inc Identity Security Check Default PIN in 2021

Friday, January 15, 2021
Posted by Editorial_Staff_Team
Published Vulnerabilities
3 comment(s)
Reader's rate:
5
New Ebay Inc Identity Security Check Default PIN in 2021 In the last weeks we have reviewed several identity security check mechanisms of large coporates. Due to that we figured out a funny case with ebay inc. Ebay inc owns a new security identity check function that uses a algorithm to... + continue reading

German Bundeswehr starts own Responsible Disclosure Program (VDPBw)

Thursday, October 22, 2020
Posted by Editorial_Staff_Team
Top Stories
4 comment(s)
Reader's rate:
4.76923
Bundeswehr Responsible Disclosure Program (VDPBw) Today, on october 22, the German Armed Forces "Bundeswehr" officially launched the new Responsible Disclosure Program for reporting vulnerabilities and security vulnerabilities. Preparations have been underway for a few weeks now and can be... + continue reading

Sparkasse Safe - Two Functions One Token to Go

Wednesday, September 16, 2020
Posted by Editorial_Staff_Team
Published Vulnerabilities
0 comment(s)
Reader's rate:
4
Bypassing using Exchange of Session Credentials In recent weeks, a new application has been released at the sparkasse in germany. This is the "secure safe" for documents... + continue reading

Vulnerability in LANCOM Systems Wireless Controller Series uncovered

Thursday, May 7, 2020
Posted by Editorial_Staff_Team
Top Stories
2 comment(s)
Reader's rate:
5
LANCOM Systems Wireless Controller Series (Public Spot) - Several Patches Released by Support Today Security researchers of the vulnerability laboratory core research team uncovered about 3 weeks ago a new vulnerability in the LANCOM Systems wireless controller product series. With WLAN... + continue reading

Advanced Persistent Threat Golden_hands - Digital Bank Robbery of the Year 2020

Thursday, April 30, 2020
Posted by Editorial_Staff_Team
Top Stories
10 comment(s)
Reader's rate:
4.785715
The Digital Bank Robbery of the Year 2020 - APT "Golden_hands" (Government Emergency Aid) In last 4-5 weeks our company Evolution Security GmbH and all around us were affected by the economy crisis that came cold from the back. This is a story about advanced persistent threats in Germany and the... + continue reading

Microsoft Windows 2012 R2 (x64) - (MMC) Local DoS Vulnerability

Wednesday, April 29, 2020
Posted by Editorial_Staff_Team
Published Vulnerabilities
1 comment(s)
Reader's rate:
5
Pointer Issue crashs local mmc.exe process on Microsoft Windows 2012 R2 x64 Due to a test in a staging-system that was fresh setup with a windows 2012 r2 release the researcher of the vulnerability lab identified a serious local denial of service vulnerability affecting different other microsoft... + continue reading

Bundeswehr Career Page - Weak spot permanently closed

Saturday, April 4, 2020
Posted by Editorial_Staff_Team
Published Vulnerabilities
2 comment(s)
Reader's rate:
5
Security gap in search function of Bundeswehr web application patched About some time ago, we had a look at the latest Bundeswehr website (https://www.bundeswehrkarriere.de/) in our lab. We noticed an error in the output of the validation of an application. We then investigated this error in... + continue reading

Featured Cooperative Security Articles

Google Upgrades VRP Bug Bounty Platform

Wednesday, 28/07/21 - 0 comment(s)
10th Anniversary - VRP Upgrade Google announced this week on its official security blog that the current bug bounty program will be rebranded for its anniversary. As with other vulnerability disclosure platforms, a gamification model will be used to further motivate the research community. Gamification is the transfer of game-typical... + continue reading

MSRC extends Bug Bounty Program for Microsoft Teams

Tuesday, 06/04/21 - 0 comment(s)
New Teams Desktop Client Bug Bounty Program Microsoft Teams is a platform developed by Microsoft that combines chat, meetings, notes and attachments. The service is integrated into the Microsoft 365 suite with Microsoft Office and Skype/Skype for Business. In recent weeks, microsoft's msrc team has added the Microsoft Teams application to... + continue reading

Jump back to navigation

TOP SECURITY STORIES

German Bundeswehr starts own Responsible Disclosure Program (VDPBw)

Thursday, 22/10/20 - 4 comment(s)
Bundeswehr Responsible Disclosure Program (VDPBw) Today, on october 22, the German Armed Forces "Bundeswehr" officially launched the new Responsible Disclosure Program for reporting... + continue reading

Vulnerability in LANCOM Systems Wireless Controller Series uncovered

07/05/20 - 2 comment(s)

Advanced Persistent Threat Golden_hands - Digital Bank Robbery of the Year 2020

30/04/20 - 10 comment(s)

Apple extends exisiting private bug bounty program at the end of the year

09/08/19 - 2 comment(s)

+ View all
Jump back to navigation

BUG BOUNTY ISSUES

Google Upgrades VRP Bug Bounty Platform

Wednesday, 28/07/21 - 0 comment(s)
10th Anniversary - VRP Upgrade Google announced this week on its official security blog that the current bug bounty program will be rebranded for its anniversary. As with other vulnerability... + continue reading

MSRC extends Bug Bounty Program for Microsoft Teams

06/04/21 - 0 comment(s)

Microsoft starts Xbox & Xbox Live Bug Bounty Program

11/02/20 - 3 comment(s)

Apple launches public Bug Bounty Program and delights Security Community

20/12/19 - 3 comment(s)

+ View all
Jump back to navigation

VULNERABILITIES & BUGS

Ebay Inc Identity Security Check Default PIN in 2021

Friday, 15/01/21 - 3 comment(s)
New Ebay Inc Identity Security Check Default PIN in 2021 In the last weeks we have reviewed several identity security check mechanisms of large coporates. Due to that we figured out a funny case... + continue reading

Sparkasse Safe - Two Functions One Token to Go

16/09/20 - 0 comment(s)

Microsoft Windows 2012 R2 (x64) - (MMC) Local DoS Vulnerability

29/04/20 - 1 comment(s)

Bundeswehr Career Page - Weak spot permanently closed

04/04/20 - 2 comment(s)

+ View all
Jump back to navigation

BEST SECURITY VIDEOS

Telekom Magenta Musik 360 - Multiple Cross Site Scripting Vulnerabilities

Thursday, 07/03/19 - 2 comment(s)
Telekom Magenta Musik 360 - CERT Coordinates The videos shows the reproduce for the german telekom in a new service they did publish in 2019 Q1. The vulnerabilities are persistent and non-... + continue reading

PayPal Inc patched medium severity Cross Site Request Forgery Issue

25/08/15 - 0 comment(s)

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

13/08/15 - 8 comment(s)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

11/08/15 - 0 comment(s)

+ View all
Jump back to navigation

LAB MAGAZINE ISSUES

Welcome to "Vulnerability Magazine"

Tuesday, 11/03/14 - 1 comment(s)
Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

+ View all
Jump back to navigation

IT-SECURITY EVENTS

Edward Snowden free speech at JBFone - Data Security & Privacy

Thursday, 23/11/17 - 2 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading

Internet Security Conference 2017 by Qihoo 360

22/09/17 - 0 comment(s)

Manchester City - Football Club hosts first Hackathon in July 2016

05/07/16 - 0 comment(s)

Hack in the Box | Amsterdam 2015 | HITB

30/05/15 - 3 comment(s)

+ View all
Jump back to navigation

Wed
28
Jul

Google Upgrades VRP Bug Bounty Platform

Submitted by Editorial_Staff_Team on Wed, 07/28/2021 - 10:28

10th Anniversary - VRP Upgrade

Google announced this week on its official security blog that the current bug bounty program will be rebranded for its anniversary. As with other vulnerability disclosure platforms, a gamification model will be used to further motivate the research community.

Gamification is the transfer of game-typical elements and processes into non-game contexts with the aim of changing behavior and increasing motivation among users.

Tue
06
Apr

MSRC extends Bug Bounty Program for Microsoft Teams

Submitted by Editorial_Staff_Team on Tue, 04/06/2021 - 16:11

New Teams Desktop Client Bug Bounty Program

Microsoft Teams is a platform developed by Microsoft that combines chat, meetings, notes and attachments. The service is integrated into the Microsoft 365 suite with Microsoft Office and Skype/Skype for Business.

In recent weeks, microsoft's msrc team has added the Microsoft Teams application to the bug bounty program that currently already exists. In a public post on the msrc newsblog the team announced the new program.

Pages

Subscribe to Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research RSS

Syndicate

Subscribe to Syndicate