BugCrowd Bug Bounty Disclosure: P1 – Local file read (CVE2020-3452 in CISCO ASA) – By _Sparrow
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
OSINT
BugCrowd Bug Bounty Disclosure: P5 – Clickjacking – By m4v3r1ck101
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – Stored XSS [doi.gov/iacb/indian-arts-and-crafts-board-potential-violation-report ] – By Xml_
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Information Disclosure via url tampering – By murderfalcon
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – #2 BLIND XSS ON CONTACT PAGE .doi.gov/contact-us – By Msjsoi323_
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – Log4Shell (CVE-2021-44228) – By aminei
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – HTTP Desync Attack (Request Smuggling) – Mass Session Hijacking – By AnkitSingh
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Lack of Security Headers – By F_Robot
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – html injection in [https://edoiu.doi.gov/login/signup.php] – By CryptoKnight028
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – Subdomain Takeover for rtncf-rci.ral.r4.fws.gov – By thelicato
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P2 – Privilege Escalation of Publisher Account due to IDOR – By AlWaYsHuNt
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – Able to change other publishers’ payment details – By AlWaYsHuNt
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – RCE in Bitbucket DataCenter via HazelCastPort – By SnowyOwl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Broken Access Control Issue. – By jeetbhdr
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – postMessage XSS in Tesla Payment page – By TheTime
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – Xss on – employers.indeed.com – By ig420_vrush
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – CSRF Leads to Logout any Loggedin user from their session – By DeadSniper
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Information exposure through Directory Listing – By jaibalaji
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Clickjack Bug in Website – By ethicalpanther
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
A week in security (April 18 – 24)
Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploadsNorth Korean Lazarus APT group targets blockchain tech companiesWatch out...
BlackCat Ransomware gang breached over 60 orgs worldwide
At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. FBI....
Experts warn of a surge in zero-day flaws observed and exploited in 2021
The number of zero-day vulnerabilities exploited in cyberattacks in the wild exploded in the last years, security firm report. Google...
CISA: Google Releases Security Updates for Chrome
Google Releases Security Updates for Chrome Google has released Chrome version 100.0.4896.127 for Windows, Mac, and Linux. This version addresses...
CISA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure The cybersecurity authorities of the United States, Australia, Canada, New Zealand,...
