Articles tagged with: #bug-bounty
Master Regex for Bug Bounty Hunting | Find Vulnerabilities Faster

cybersecurity www.reddit.com

Unlock the power of Regex in bug bounty hunting! In this video, I'll teach you how to use Regular Expressions (Regex) to speed up your recon, identify hidden endpoints, filter responses, and detect potential vulnerabilities efficiently. Whether you're a beginner or an experienced hunter, this tutorial will help you improve your workflow and find more bugs. What You'll Learn: ✅ Basics of Regex for bug bounty ✅ Advanced Regex techniques for recon ✅ Filtering URLs, parameters & endpoints ✅...
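The blurb lists "filtering URLs, parameters & endpoints" as a regex recon use case without showing it. The following is an added example, not code from the video or its author: it pulls absolute URLs and quoted root-relative paths out of a constructed text blob (a few lines in the shape of a URL list and a minified JS bundle), drops static assets, and flags query parameters whose names are commonly worth a closer look. The sample input, hostnames and the parameter watch-list are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample input (not real recon output): a mix of URL-list lines
# and JS source lines, the two places regex recon usually runs over.
SAMPLE = """
https://app.example.test/api/v1/users?id=42&debug=1
https://app.example.test/static/logo.png
https://app.example.test/admin/export.php?file=report.csv
fetch("/api/v2/internal/keys?token=abc123")
var u = "https://cdn.example.test/bundle.js"
https://app.example.test/login?redirect=https://evil.example
"""

# Absolute http(s) URLs, or root-relative paths that sit inside a JS string
# literal (lookbehind for the opening quote keeps regex-free '/' from matching).
URL_RE = re.compile(
    r'https?://[^\s"\'<>]+'
    r'|(?<=["\'])/[A-Za-z0-9_./-]+(?:\?[^\s"\'<>]*)?'
)

# Static assets rarely carry application-logic bugs; drop them early.
STATIC_RE = re.compile(r'\.(?:png|jpe?g|gif|css|js|svg|woff2?|ico)$', re.I)

# Hypothetical watch-list of parameter names that often lead to IDOR, LFI,
# open redirect, SSRF or debug-mode issues. Extend to taste.
INTERESTING_PARAM_RE = re.compile(
    r'^(?:id|file|path|redirect|url|next|token|debug|callback)$', re.I
)


def extract_urls(text):
    """Return every absolute URL or quoted root-relative path, in order."""
    return URL_RE.findall(text)


def is_static(url):
    """True when the URL's path (query ignored) points at a static asset."""
    return bool(STATIC_RE.search(urlsplit(url).path))


def interesting_params(url):
    """Sorted list of query parameter names matching the watch-list."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return sorted(p for p in query if INTERESTING_PARAM_RE.match(p))


def triage(text):
    """(url, interesting_params) for each non-static URL found in text."""
    return [
        (url, interesting_params(url))
        for url in extract_urls(text)
        if not is_static(url)
    ]


if __name__ == "__main__":
    for url, params in triage(SAMPLE):
        flag = " <-- " + ",".join(params) if params else ""
        print(f"{url}{flag}")
```

Note that `https://app.example.test/login?redirect=https://evil.example` is returned as a single URL: the absolute-URL alternative is greedy up to whitespace or a quote, which is what you want when a parameter value itself contains a URL. If your input is a raw HTTP response rather than a URL list, run the same `triage` over the body; the quoted-path alternative is what catches endpoints that only appear inside `fetch(...)` calls.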

0-Click Zendesk Account Takeover Vulnerability Enables Access to all Zendesk Tickets

Cyber Security News cybersecuritynews.com

A critical security vulnerability has been discovered in Zendesk's Android SDK implementation that allows attackers to perform mass account takeovers without any user interaction. The flaw, which earned a $3,000 bug bounty payout, stems from predictable token generation mechanisms that enable unauthorized access to all Zendesk support tickets across affected organizations. Key Takeaways: 1. Predictable JWT

How do you handle password leak reports regarding customers/users of your service/product due to customers' poor security hygiene

cybersecurity www.reddit.com

My company runs an online product offering with several customers using our product. We also have a bug bounty program and every now and then, we receive reports of leaked credentials pertaining to our customers. These leaked credentials are due to customers' poor security (malware on their PC, same password everywhere, etc.) and not a breach on our end. I'm trying to understand the right way to handle these. Would contacting customers to inform them of their password leaks be an obligation or...