RedPacket SecurityHackerOne Bug Bounty Disclosure: liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox/
HackerOne Bug Bounty Disclosure: another-liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-another-liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox/
AltherI would like to share a blog post by HackerOne. It is an interesting read, because it describes how AI vulnerability findings evolved from slop to verified exploitable risks. Verification and prioritization become increasingly important. Because the amount of reported vulnerabilities increases a lot more than teams are able to fix, it becomes inevitable to adapt remediation strategies. Periodic remediation becomes obsolete. We need to achieve continuous remediation processes that are automated as much as possible.
Blog post: https://www.hackerone.com/blog/continuous-threat-exposure-management-remediation-crisis
#cybersecurity #security #infosec #vulnerability #hacking #hackerone
HackerOne Bug Bounty Disclosure: double-fdrop-on-a-socket-through-sys-netcontrol-slidybat - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-double-fdrop-on-a-socket-through-sys-netcontrol-slidybat/
HackerOne Bug Bounty Disclosure: improper-input-validation-on-exported-deep-link-handler-crashes-filedisplayactivity-on-crafted-external-url-denial-of-service-khoof - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-improper-input-validation-on-exported-deep-link-handler-crashes-filedisplayactivity-on-crafted-external-url-denial-of-service-khoof/
HackerOne Bug Bounty Disclosure: cve-wrong-reuse-of-smb-connection-osama-hamad - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-cve-wrong-reuse-of-smb-connection-osama-hamad/
HackerOne Bug Bounty Disclosure: heap-buffer-overflow-in-curl-ssl-push-certinfo-len-sole-bounds-check-is-debugassert-h-zh-z - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-heap-buffer-overflow-in-curl-ssl-push-certinfo-len-sole-bounds-check-is-debugassert-h-zh-z/
HackerOne Bug Bounty Disclosure: ps-bd-j-privilege-escalation-using-nested-jar-gezine - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-ps-bd-j-privilege-escalation-using-nested-jar-gezine/
HackerOne Bug Bounty Disclosure: stack-exhaustion-in-mime-multipart-reading-with-deeply-nested-subparts-wi-w - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-stack-exhaustion-in-mime-multipart-reading-with-deeply-nested-subparts-wi-w/
HackerOne Bug Bounty Disclosure: use-after-free-in-smb-connection-reuse-req-path-dangling-pointer-after-needle-destruction-nadsec - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-use-after-free-in-smb-connection-reuse-req-path-dangling-pointer-after-needle-destruction-nadsec/
