Tuesday, May 16, 2017
Posted by Editorial_Staff_Team
Reader's rate:
5
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new... + continue reading
Tuesday, January 3, 2017
Posted by Editorial_Staff_Team
Reader's rate:
4
Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in... + continue reading
Friday, December 23, 2016
Posted by Editorial_Staff_Team
Reader's rate:
3.666665
How Super Mario Run helped a Security Research to identify a Vulnerability In september we got the first information about the new notify function within the new iOS 10.x version. The new notify function was mainly a secret to all the users until november 2016. Apple did not revealed  how... + continue reading
Tuesday, November 15, 2016
Posted by Editorial_Staff_Team
Reader's rate:
4.5
New Cloud Services, High Severity Issues & Invitation Only In the last 6 years the public bug bounty program of barracuda networks helped to improve the security of their active product series. At the beginning the program was running independently but about 1 and  a half year ago the... + continue reading
Monday, November 14, 2016
Posted by Editorial_Staff_Team
Reader's rate:
5
US Military starts official "Hack the Army" Bug Bounty Program Due to the last days "Eric Fanning" secretary of the us army announced, that the new "Hack the Army" Bug Bounty Program will start soon. In 2016 the "Hack the Pentagon" Program was disclosing... + continue reading
Thursday, November 10, 2016
Posted by Editorial_Staff_Team
Reader's rate:
3
Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability About some month ago the pentester and security researcher Benjamin Kunz Mejri was pentesting for the adobe security department the actual upcoming "Connect" web services and web-application. Due to his active... + continue reading
Thursday, October 27, 2016
Posted by Editorial_Staff_Team
Reader's rate:
5
Wickr Inc Secret Messenger - Bug Bounty Program Vulnerabilities by Design Today we would like to talk about the security of the american secret messenger called "Wickr - Secret Messenger". The company of the product is located in the united states and encrypts messaging context with... + continue reading
Friday, October 14, 2016
Posted by Editorial_Staff_Team
Reader's rate:
4.333335
Mobidea - New Platforms & Mobile Applications in Scope Today we would like to present the security community a fresh and new partner "Mobidea" of our advanced network. Mobidea is a mobile programmatic affiliate network for media buyers and webmasters. The team of the... + continue reading
Monday, October 10, 2016
Posted by Editorial_Staff_Team
Reader's rate:
5
Facebook API v2.1 hit by RFC6749 Open Redirect Attack Vulnerability The vulnerability laboratory core team researcher "SaifAllah benMassaoud" discovered a zero-day RFC6749 Open Redirector Attack in Facebook API v2.1. The RFC6749 Open Redirector Attack vulnerability allows remote... + continue reading

Featured Cooperative Security Articles

Tuesday, 16/05/17 - 0 comment(s)
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new updates regarding the guidelines and scopes. The... + continue reading
Tuesday, 03/01/17 - 0 comment(s)
Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in the new telekom cloud business service and... + continue reading

BUG BOUNTY ISSUES

Tuesday, 16/05/17 - 0 comment(s)
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and... + continue reading

VULNERABILITIES & BUGS

BEST SECURITY VIDEOS

Tuesday, 25/08/15 - 0 comment(s)
PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

IT-SECURITY EVENTS

Tuesday, 05/07/16 - 0 comment(s)
Manchester City - Football Club hosts first Hackathon in July 2016 The city of football club ManchesterCity had organized a new event #HackMCFC, which will provide participants with access to... + continue reading
Wed
30
Mar
Editorial_Staff_Team's picture

PayPal Inc Bug Bounty Program 2016 - New Vulnerability Uncovered by German Researcher

Researcher exploits Profile Service Mails via Filter Bypass Issue

The leading core research team of the vulnerability laboratory discovered today in the morning a new vulnerability in the paypal inc online service core web-application and api. The issue was uncovered by Benjamin Kunz Mejri during the participation in the official bug bounty program of paypal. After the paypal inc security department received the first analysis report of the issue, a fix was prepared immediately to protect the infrastructure and customers against active exploitation.

Technical Details

Tue
22
Mar
Editorial_Staff_Team's picture

Mobidea starts new & official Bug Bounty Program in 2016

Mobidea - Bug Bounty Program Startup in 2016

Yesterday morning we received an email by the administration of the Mobidea company regarding the new bug bounty program startup. We would like to announce with thus news article the new independent bug bounty program of "Mobidea".

All vulnerabilities and bugs can be reported via an online formular that is available at the official bug bounty page of the mobidea company page. The new program looks clean and has a trusted background for independent vulnerability researchers or security hackers that do participate.

The new and official bug bounty program do focus to the following typ of vulnerabilities and bugs ...

Mon
07
Mar
Editorial_Staff_Team's picture

Apple iOS v9.2.1, v9.1 & v9.0 - Researcher disclosed multiple PassCode Protection Bypass Vulnerabilities

Apple iOS v9.2.1 (iPhone & iPad) - Researcher disclosed multiple PassCode Bypass Vulnerabilities

Today in the early morning the vulnerability researcher and ceo of the vulnerability laboratory disclosed several new issues in the newst Apple iOS version (9.2.1). The vulnerabilities allow local attackers with physical device access to bypass the passcode protection of the iPhone (5|5s|6|6s) and iPad (Mini|1|2). Benjamin did already successful discovered around 10 vulnerabilities in the pass code module and the regular ios device protection mechanisms due to the last years. The new bugs turns a new light to the situation of apple against the fbi because of easily bypass the device protection mechanism. In the newst report of today, Benjamin released about 4 new hacks on how to bypass the security protection mechanism of the apple ios passcode module.

Technical details of the local vulnerabilities ...

Pages

Subscribe to VULNERABILITY MAGAZINE - Bug Bounties, Acknoweldgements & Security Research RSS