Dating Site Bumble Leaves Swipes Unsecured for 100M Users
Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles.
Read More
HackerOne
Bug-Bounty Awards Spike 26% in 2020
The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.
Read MoreTikTok Launches Bug Bounty Program Amid Security Snafus
The move is a distinct change in direction for the app, which has been criticized and even banned for its security practices.
Read MoreGrindr’s Bug Bounty Pledge Doesn’t Translate to Security
At SAS@Home, Luta Security CEO Katie Moussouris stressed that bug bounty programs aren’t a ‘silver bullet’ for security teams.
Read MoreCritical Slack Bug Allows Access to Private Channels, Conversations
The RCE bug affects versions below 4.4 of the Slack desktop app.
Read MoreVerizon Media, PayPal, Twitter Top Bug-Bounty Rankings
Verizon Media has paid nearly $10 million to ethical hackers via HackerOne’s platform.
Read MoreCritical GitLab Flaw Earns Bounty Hunter $20K
A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code.
Read MoreCritical GitLab Flaw Earns Bounty Hunter $20K
A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code.
Read MoreTencent Ups Top Bug-Bounty Award to $15K
The Chinese ISP has expanded its program via HackerOne.
Read MoreKatie Moussouris: The Bug Bounty Conflict of Interest
Katie Moussouris sounds off on the challenges behind creating successful bug bounty programs.
Read More