Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.
Tag Archives: hackerone
HackerOne pays $20,000 bounty after breach of own systems
In an embarrassing twist, bug bounty platform HackerOne has paid a $20,000 reward to a researcher who reported a security flaw inadvertently caused by one of its staff during… a bug submission.
Google throws bug bounty bucks at mega-popular third-party apps
Google’s going to throw more bug bounty money at the problem of nasty apps in its Play Store, it announced on Thursday. In a post from the Android Security & Privacy team’s Adam Bacchus, Sebastian Porst, and Patrick Mutchler , the company said that it’s throwing the security net over not just its own apps, but […]
Apple will hand out unlocked iPhones to vetted researchers
It formalizes the reality: “pre-jailbroken” iPhones were already on the black market.
More than 2m AT&T phones illegally unlocked by bribed insiders
The alleged, now indicted ringleader paid more than $1m in bribes to insiders who planted malware and hardware for remote unlocking.
Apple gets bug for free, while world sees first $1m bug hunter
An Argentinian has garnered $1m in bug bounties, while a German researcher has given up on getting any bounty at all from Apple.
Coinbase wallet app in SSL/TLS SNAFU, joins the insecure mobile banking club
The popular Bitcoin wallet Coinbase has a crucial security flaw in its Android apps which could allow an attacker to steal authentication codes and access users’ accounts, according to a security researcher. Coinbase is far from alone in leaving its wallet app users vulnerable, so what should you do to stay safe when using mobile banking apps?