Friday, November 24, 2017
Posted by Editorial_Staff_Team
Reader's rate:
4.333335
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public corporation at the stock-market and reliable for the most german or european volksbanks. Fiducia... + continue reading
Friday, October 20, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
Google Play Store starts Bug Bounty Program for Apps Today the google security team announced to startup a new bug bounty program for the google play store android application. The program is open to random developers and chosen constituents of researchers. In a public blogpost the company... + continue reading
Friday, September 22, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
German security experts speech in front of 31,000 people The german security expert and ceo of the evolution security gmbh and founder of the vulnerability laboratory was invited as keynote speaker to the official internet security conference 2017 in beijing china. In 2017 the official topic of... + continue reading
Monday, August 14, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
Apple iOS v10.2 & v10.3 - SMS Reply & Answer Function During the last months we had setup a mobile forensic laboratory in our office to reproduce and uncover more new mobile zero-day vulnerabilities. Our first investigation was in a code lock functions of the settings - passcode module... + continue reading
Sunday, May 28, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36 Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in... + continue reading
Tuesday, May 16, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new... + continue reading
Tuesday, January 3, 2017
Posted by Editorial_Staff_Team
Reader's rate:
4.333335
Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in... + continue reading
Friday, December 23, 2016
Posted by Editorial_Staff_Team
Reader's rate:
3.76923
How Super Mario Run helped a Security Research to identify a Vulnerability In september we got the first information about the new notify function within the new iOS 10.x version. The new notify function was mainly a secret to all the users until november 2016. Apple did not revealed  how... + continue reading
Tuesday, November 15, 2016
Posted by Editorial_Staff_Team
Reader's rate:
4.5
New Cloud Services, High Severity Issues & Invitation Only In the last 6 years the public bug bounty program of barracuda networks helped to improve the security of their active product series. At the beginning the program was running independently but about 1 and  a half year ago the... + continue reading

Featured Cooperative Security Articles

Friday, 24/11/17 - 0 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public corporation at the stock-market and reliable for the most german or european volksbanks. Fiducia & GAD IT AG provides its customers with all IT... + continue reading
Friday, 20/10/17 - 0 comment(s)
Google Play Store starts Bug Bounty Program for Apps Today the google security team announced to startup a new bug bounty program for the google play store android application. The program is open to random developers and chosen constituents of researchers. In a public blogpost the company announced "The goal of the program is to further... + continue reading

BUG BOUNTY ISSUES

Friday, 20/10/17 - 0 comment(s)
Google Play Store starts Bug Bounty Program for Apps Today the google security team announced to startup a new bug bounty program for the google play store android application. The program is... + continue reading

BEST SECURITY VIDEOS

Tuesday, 25/08/15 - 0 comment(s)
PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

IT-SECURITY EVENTS

Friday, 24/11/17 - 0 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading
Mon
14
Nov
Editorial_Staff_Team's picture

US Military starts official "Hack the Army" Bug Bounty Program

US Military starts official "Hack the Army" Bug Bounty Program

Due to the last days "Eric Fanning" secretary of the us army announced, that the new "Hack the Army" Bug Bounty Program will start soon. In 2016 the "Hack the Pentagon" Program was disclosing about 140 vulnerabilities to the infrastructure of the department of defense and pentagon. All the valuable information of the successful program made the decision more easy for representatives to lunch the next new bug bounty program called "Hack the Army".

Thu
10
Nov
Editorial_Staff_Team's picture

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

About some month ago the pentester and security researcher Benjamin Kunz Mejri was pentesting for the adobe security department the actual upcoming "Connect" web services and web-application. Due to his active researcher the pentester discovered a persistent cross site scripting vulnerability in the Adobe Connect v9.5.6 software client. The issue was reported in april 2016 to Adobe via PSIRT and resolved in november 2016. The "Adobe Connect" web conferencing software service for windows offers immersive online meeting experiences for collaboration, virtual classrooms and large scale webinars.

Thu
27
Oct
Editorial_Staff_Team's picture

Wickr Inc - When honesty disappears behind the VCP Mountain

Wickr Inc Secret Messenger - Bug Bounty Program Vulnerabilities by Design

Today we would like to talk about the security of the american secret messenger called "Wickr - Secret Messenger". The company of the product is located in the united states and encrypts messaging context with high military grades. The software is build to secure the customer against local and remote attacks but as well forensic methods of law enforcment agencies. In the development team is filled with people like jeff moss and dan kaminsky, which are assisting the process with there expertise. On January 15th, 2014, Wickr announced it is offering a  $100,000 usd bug bounty for those who find vulnerabilities that significantly impact users. After we received the invitiation to the program, we decided to participate due to a longer period of time.

Pages

Subscribe to VULNERABILITY MAGAZINE - Bug Bounties, Acknoweldgements & Security Research RSS