Tuesday, February 11, 2020
Posted by Editorial_Staff_Team
Reader's rate:
5
Microsoft starts Xbox... + continue reading
Friday, December 20, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Apples Whitehat Hacker gift for Xmas Due to a longer period of time (January) we have stopped our Responsible Disclosure Bug Bounty Program at Apple. The reason was that Apple's security department made many mistakes in dealing with independent security researchers and did not seriously reward... + continue reading
Friday, December 13, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Whitehat in action discovers Kiosk Escape... + continue reading
Friday, November 22, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Last month, security researcher and founder of the vulnerability lab Benjamin Kunz Mejri discovered a new Microsoft Skype vulnerability. The problem has a local and a remote attack vector that can be exploited. Surprisingly, the way the attack takes place is via the client infrastructure to an... + continue reading
Monday, September 9, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Undocumented Telnetd... + continue reading
Monday, September 2, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
GPSRP pays researchers for reporting abusiv google playstore apps Adam Bacchus, Sebastian Porst, and Patrick Mutchler  of the  Android Security... + continue reading
Friday, August 9, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Apple Updates Bug Bounty Program Q4 In recent years, Apple and the company around cupertino have received massive criticism about the current Bug Bounty program. Among other things, well-known security researchers from the scene have criticized Apple for a faulty program, which attracts others but... + continue reading
Thursday, March 7, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Telekom Magenta Musik 360 - CERT Coordinates The videos shows the reproduce for the german telekom in a new service they did publish in 2019 Q1. The vulnerabilities are persistent and non-persistent cross site scripting issues within the front / backend of the online service. Remote attackers... + continue reading
Thursday, February 14, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Internation Bug Bounty Program to PenTest E-Voting System The federal government of switzerland offers hackers who can uncover vulnerabilities, privacy issues or simple bugs in its e-voting system up to 44,000 euros. International White Hat or ethics hackers are given the opportunity to... + continue reading

Featured Cooperative Security Articles

Friday, 20/12/19 - 3 comment(s)
Apples Whitehat Hacker gift for Xmas Due to a longer period of time (January) we have stopped our Responsible Disclosure Bug Bounty Program at Apple. The reason was that Apple's security department made many mistakes in dealing with independent security researchers and did not seriously reward them. In October, we had a meeting in Abu Dhabi (HITB... + continue reading

TOP SECURITY STORIES

Friday, 09/08/19 - 2 comment(s)
Apple Updates Bug Bounty Program Q4 In recent years, Apple and the company around cupertino have received massive criticism about the current Bug Bounty program. Among other things, well-known... + continue reading

BEST SECURITY VIDEOS

Thursday, 07/03/19 - 2 comment(s)
Telekom Magenta Musik 360 - CERT Coordinates The videos shows the reproduce for the german telekom in a new service they did publish in 2019 Q1. The vulnerabilities are persistent and non-... + continue reading

LAB MAGAZINE ISSUES

Tuesday, 11/03/14 - 1 comment(s)
Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

IT-SECURITY EVENTS

Thursday, 23/11/17 - 2 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading
Wed
11
Jul

New HackRF Case for Devs & Pentesters Released (ABS & PLA)

New HackRF Case Available (ABS & PLA)

HackRF One first version is part of great scott gadgets which is a software defined radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. The HackRF One can send and receive almost any radio signal. This allows pentesters to disable smarthome alarm systems, open cars and intercept SMS messages. Even telephone calls can be tapped or simply listed by the frequence. The hackrf device is well known in the it-security business by researchers and developers.

Normally the hackrf is delivered with a hard metal case, metal plates and some screws like you can see in the following picture.

Thu
05
Jul

AT&T Corporation - Lab uncovers new details about BizCircle Vulnerabilities

AT&T BizCircle - Frontend & Backend Vulnerabilities

Last month, researchers in our laboratory conducted in-depth safety tests on the AT&T BizCircle Platform. This has identified a number of security holes that AT&T has now eliminated. The core researchers in the laboratory go into more detail in the article.

This time the reported security vulnerabilities of the core team were limited to the frontend and backend management of the BizCircle application. Validation weaknesses and output errors in the user profile of the application were exploited. These allowed an attacker to inject malicious script code with persistent attack vectors. The affected entries were e.g. display name, first name & load name.

Pages

Subscribe to Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research RSS