IT Lines

What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in HackerOne

Dating Site Bumble Leaves Swipes Unsecured for 100M Users

16 Nov, 2020 API Bug, bumble, bumble boost, dating app, dating site, HackerOne, information exposure, Mobile Security, personal information, Privacy, Security News, security vulnerability, swipe right, the beeline, Vulnerabilities 0 Comments

Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles. After a taking closer look at the code for popular dating site and app Bumble, where women typically initiate the conversation, Independent Security . . . Read more

Bug-Bounty Awards Spike 26% in 2020

29 Oct, 2020 Apple, bounty payouts, Bug Bounty, COVID-19, Cross Site Scripting, ethical hackers, flaws, HackerOne, information disclosure, Most Recent ThreatLists, most valuable, most-rewarded, Security, Security News, stay at home orders, tiktok, top 10, Vulnerabilities, XSS 0 Comments

The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify. Cross-site scripting (XSS) remained the most impactful vulnerability and thus the one reaping the highest rewards for ethical hackers in 2020 for a second year running, according to a list of top 10 . . . Read more

TikTok Launches Bug Bounty Program Amid Security Snafus

16 Oct, 2020 Android, Apple, Bug Bounty, Critical flaws, Developers, ethical hackers, HackerOne, Hackers, Oracle, Security, Security News, tiktok, Vulnerabilities, Wal-Mart, Web Security 0 Comments

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

06 Oct, 2020 bounty hunter, Bug Bounty, Bugcrowd, CISA, Government, Grindr, HackerOne, Hacks, Katie Moussouris, Luta Security, pentesting, Security Analyst Summit, Security News, security vulnerability, VDP, Vulnerabilities, vulnerability disclosure program, Web Security, zoom 0 Comments

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Critical Slack Bug Allows Access to Private Channels, Conversations

31 Aug, 2020 Bug Bounty, Cloud Security, critical security vulnerability, HackerOne, oskarsv, patch, private channel access, private conversations, RCE, remote code execution, Security News, Slack, version 4.4, Vulnerabilities, Web Security 0 Comments

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.