Bug Bounty

Editorial_Staff_Team's picture

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities

Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in the new telekom cloud business service and myworkplace for paying customers.The "Deutsche Telekom" offers the "Open Telekom Cloud" a secure Infrastructure as-a-service offering based on "OpenStack". The hosting is located in highly secure data centers of the telekom in germany.

Editorial_Staff_Team's picture

Apple iOS 10.2 Notify Function vulnerable to Attacks via iDevice on iTunes & Appstore

How Super Mario Run helped a Security Research to identify a Vulnerability

Editorial_Staff_Team's picture

Barracuda Networks adapts Bug Bounty Program to Cloud Product Services

New Cloud Services, High Severity Issues & Invitation Only

In the last 6 years the public bug bounty program of barracuda networks helped to improve the security of their active product series. At the beginning the program was running independently but about 1 and  a half year ago the service went into the open crowd. Dave Farrow one of the leading managers in the company of barracuda networks announced today, that the official bug bounty program will move to improve the new cloud services series.

In the followup lines of his blog post he says "We are applying that same philosophy to our Security Bug Bounty Program. Couple of key things to note on the upcoming changes".


Subscribe to RSS - Bug Bounty