Hacking
-
Lessons from HackerOne’s First Recharge Week
Our first-ever Recharge Week – July 1–5, 2024—aimed at giving most company employees a simultaneous week off to rest, pursue…
Read More » -
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that…
Read More » -
Be careful what you pwish for – Phishing in PWA applications
In this blogpost we discuss an uncommon type of phishing campaign targeting mobile users and analyze a case that we…
Read More » -
How a GraphQL Bug Resulted in Authentication Bypass
What Is an Authentication Bypass Vulnerability? An authentication bypass vulnerability is a weakness in a system that fails to protect…
Read More » -
Microsoft Fixed 100+ Vulnerabilities With October Patch Tuesday
42 Microsoft addressed crossed the century of vulnerability fixes, making it one of the huge update bundles released this year.…
Read More » -
Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign
Oct 18, 2024Ravie LakshmananThreat Intelligence / Phishing Attack Threat actors are leveraging fake Google Meet web pages as part of…
Read More » -
How regulatory standards and cyber insurance inform each other
Business Security Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions…
Read More » -
Introducing HackerOne Gateway Internal Network Testing: Superior Security for Internal Networks
Our Solution: Precision Internal Network Testing with Zero Trust Control We are excited to introduce Gateway Internal Network Testing (INT) as the…
Read More » -
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
Oct 19, 2024Ravie LakshmananNetwork Security / Data Breach A nascent threat actor known as Crypt Ghouls has been linked to…
Read More » -
Threat actors exploit zero-days faster than ever – Week in security with Tony Anscombe
Video The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank…
Read More »