vulnerability discovery - Cloud Security Alliance News Clipping Site

Slashdot: How WatchTowr Explored the Complexity of Vulnerability in a Secure Firewall Appliance

Oct 20, 2024

—

by

Source URL: https://it.slashdot.org/story/24/10/20/1955241/how-watchtowr-explored-the-complexity-of-vulnerability-in-a-secure-firewall-appliance Source: Slashdot Title: How WatchTowr Explored the Complexity of Vulnerability in a Secure Firewall Appliance Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a cybersecurity startup, Watchtowr, which has identified a vulnerability in Fortinet’s FortiGate SSLVPN appliance that could potentially lead to remote code execution. The analysis highlights the…

Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies

Oct 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52 Source: Hacker News Title: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies Feedly Summary: Comments AI Summary and Description: Yes Summary: The text narrates the journey of a young programmer discovering a significant security vulnerability in Zendesk, which could potentially expose sensitive customer support tickets for multiple Fortune 500…

Hacker News: How to Hack the Breakthrough Prize (Ft. Session Confusion)

Sep 25, 2024

—

by

system automation

in Uncategorized

Source URL: https://varun.ch/breakthrough Source: Hacker News Title: How to Hack the Breakthrough Prize (Ft. Session Confusion) Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text exposes a significant security vulnerability termed “Session Confusion” discovered in the Breakthrough Junior Challenge website, which allowed unauthorized access to administrative functions. This finding showcases the importance of…

The Register: How $20 and a lapsed domain allowed security pros to undermine internet integrity

Sep 11, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/09/11/watchtowr_black_hat_whois/ Source: The Register Title: How $20 and a lapsed domain allowed security pros to undermine internet integrity Feedly Summary: What happens at Black Hat… While trying to escape the Las Vegas heat during Black Hat last month, watchTowr Labs researchers decided to poke around for weaknesses in the WHOIS protocol. They claim…

Hacker News: The Harmless Pi-Hole Bug

Aug 20, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.kiyell.com/The-Harmless-Pihole-Bug/ Source: Hacker News Title: The Harmless Pi-Hole Bug Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a security testing experience conducted on Pi-hole, an open-source ad-blocking application, in a black-box testing scenario where the author examines its dashboard for security flaws. It highlights the use of PHP for…

Tag: vulnerability discovery

Slashdot: How WatchTowr Explored the Complexity of Vulnerability in a Secure Firewall Appliance

Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies

Hacker News: How to Hack the Breakthrough Prize (Ft. Session Confusion)

The Register: How $20 and a lapsed domain allowed security pros to undermine internet integrity

Hacker News: The Harmless Pi-Hole Bug