Monday, July 23, 2018
Posted by Editorial_Staff_Team
Reader's rate:
4.5
Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018 A new solution of the Nightly Build was opened with a bug bounty program from Mozilla Corporation in the last days. With a special variant of the Nightly Builds of the Firefox browser, users can search for memory errors... + continue reading
Thursday, July 19, 2018
Posted by Editorial_Staff_Team
Reader's rate:
3.75
Vulnerability Affecting Main Lead Database of Adobe Systems Within the last years the vulnerability lab core research team and individuals around the lab infrastructure discovered a lot of zero-day vulnerabilities to the psirt team of adobe system. More and more issues was resolved during the... + continue reading
Wednesday, July 18, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
Microsoft Starts New & Unique Identity Bug Bounty Program Today the microsoft corporation started a new bug bounty program for the microsoft online identity server technology. To further increase the safety of its customers, the tech giant has launched a completely new and independent bug... + continue reading
Wednesday, July 11, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
New HackRF Case Available (ABS & PLA) HackRF One first version is part of great scott gadgets which is a software defined radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. The HackRF One can send and receive almost any radio signal. This allows... + continue reading
Thursday, July 5, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
AT&T BizCircle - Frontend & Backend Vulnerabilities Last month, researchers in our laboratory conducted in-depth safety tests on the AT&T BizCircle Platform. This has identified a number of security holes that AT&T has now eliminated. The core researchers in the laboratory go... + continue reading
Tuesday, March 13, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
Bug Bounty Program increases payments for researchers in 2018 Today in the morning the paypal inc bug bounty program updated again within one month the official bug bounty program conditions. The newst update of j.p. morgan increases the payment amounts to a new stage for participating security... + continue reading
Tuesday, February 27, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
PayPal Inc - Venmo Bug Bounty Program Today in the morning paypal inc announced its newst updates of the bug bounty program. The new service is called "Venmo" and became to today official part of the bug bounty program. For the program the official terms and process for submitting... + continue reading
Saturday, February 24, 2018
Posted by Editorial_Staff_Team
Reader's rate:
5
Intel Bug Bounty Program for Public Researchers Intel decided latly after the incident of the last year with meltdown, spectre and other security issues that the bug bounty program will expand and be opened to other international security researchers. The upcoming updates are announced in a web... + continue reading
Monday, January 29, 2018
Posted by Editorial_Staff_Team
Reader's rate:
3.6
Banknotes Misproduction security & biometric weakness In the last months vulnerability lab team reviewed the new 20€ & 50€ banknotes of the european central bank. One of our core team researchers identified that for the security sign of the holograms are different components in... + continue reading

Featured Cooperative Security Articles

Monday, 23/07/18 - 0 comment(s)
Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018 A new solution of the Nightly Build was opened with a bug bounty program from Mozilla Corporation in the last days. With a special variant of the Nightly Builds of the Firefox browser, users can search for memory errors completely automatically. Mozilla even wants to... + continue reading
Thursday, 19/07/18 - 0 comment(s)
Vulnerability Affecting Main Lead Database of Adobe Systems Within the last years the vulnerability lab core research team and individuals around the lab infrastructure discovered a lot of zero-day vulnerabilities to the psirt team of adobe system. More and more issues was resolved during the time from 2012 since 2018. The uncovered... + continue reading

TOP SECURITY STORIES

Monday, 23/07/18 - 0 comment(s)
Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018 A new solution of the Nightly Build was opened with a bug bounty program from Mozilla Corporation in the last days. With a... + continue reading

BUG BOUNTY ISSUES

Wednesday, 18/07/18 - 0 comment(s)
Microsoft Starts New & Unique Identity Bug Bounty Program Today the microsoft corporation started a new bug bounty program for the microsoft online identity server technology. To further... + continue reading

VULNERABILITIES & BUGS

BEST SECURITY VIDEOS

Tuesday, 25/08/15 - 0 comment(s)
PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

LAB MAGAZINE ISSUES

Wednesday, 12/03/14 - 1 comment(s)
Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

IT-SECURITY EVENTS

Friday, 24/11/17 - 1 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading
Mon
14
Aug
Editorial_Staff_Team's picture

Apple iOS v10.2 & v10.3 - SMS Reply Access Permission Vulnerability

Apple iOS v10.2 & v10.3 - SMS Reply & Answer Function

During the last months we had setup a mobile forensic laboratory in our office to reproduce and uncover more new mobile zero-day vulnerabilities. Our first investigation was in a code lock functions of the settings - passcode module and the keyboard suggestion option. To explain the full impact we need to demonstrate the functionalities ago.

The "Answer with Message / Reply with message" allows a local idevice user to answer only to the caller with a customized or automated SMS one time. The function is available in the settings - touch id & code module. After activation of the setting, the idevice owner is able to answer directly to the caller by one sms.The answer as reply runs by the basic sms function over the provider and can generate costs.

Sun
28
May
Editorial_Staff_Team's picture

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36

Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in skype, when a crash occured during an interaction by the usual suspect Benjamin Kunz Mejri. Benjamin is well known for discovering vulnerabilities in skype software. In the last years, his researches on the software mainly stucked and no new public vulnerabilities were uncovered until 2014. The new detected vulnerability has indeed a critical impact to local and remote skype users and is explained as followed.

Pages

Subscribe to Vulnerability Magazine - Bug Bounties, Acknoweldgements & Security Research RSS