Alternatives to HackerOne for vulnerability disclosure policy hosting?
Hi,Over the past weeks I have been trying to set up a HackerOne vulnerability disclosure program for my personal website/blog, however I am having trouble passing their approval process. This seems to be because my site is mainly static content and doesn't have much/any user input/personal sensitive information at risk, as well as the fact that I am not a commercial organisation.I have no plans to issue monetary bounties since this is a small personal project, however having a public disclosure platform and place to thank researchers would be nice.I know that I could just host a page myself (I already do), however been on a proper platform helps with exposure and makes it feel much more official.Is anybody aware of any good alternatives to HackerOne that welcome non-profit/personal projects, or can anybody with experience with HackerOne offer some tips for passing the approval process?Thanks for your help, Jamie
Submitted February 03, 2018 at 05:21AM by JamieOnUbuntu
via reddit http://ift.tt/2nz6rwy
Hi,Over the past weeks I have been trying to set up a HackerOne vulnerability disclosure program for my personal website/blog, however I am having trouble passing their approval process. This seems to be because my site is mainly static content and doesn't have much/any user input/personal sensitive information at risk, as well as the fact that I am not a commercial organisation.I have no plans to issue monetary bounties since this is a small personal project, however having a public disclosure platform and place to thank researchers would be nice.I know that I could just host a page myself (I already do), however been on a proper platform helps with exposure and makes it feel much more official.Is anybody aware of any good alternatives to HackerOne that welcome non-profit/personal projects, or can anybody with experience with HackerOne offer some tips for passing the approval process?Thanks for your help, Jamie
Submitted February 03, 2018 at 05:21AM by JamieOnUbuntu
via reddit http://ift.tt/2nz6rwy
reddit
Alternatives to HackerOne for vulnerability... • r/security
Hi, Over the past weeks I have been trying to set up a HackerOne vulnerability disclosure program for my personal website/blog, however I am...
Criteria for evaluating a high quality Security products
http://ift.tt/2ECT8Cs
Submitted February 03, 2018 at 08:50AM by securitybox
via reddit http://ift.tt/2DWT1Ro
http://ift.tt/2ECT8Cs
Submitted February 03, 2018 at 08:50AM by securitybox
via reddit http://ift.tt/2DWT1Ro
SecurityBox
Tiêu chí đánh giá một Sản phẩm ATTT chất lượng cao
Cuộc thi đánh giá sản phẩm An toàn thông tin chất lượng cao đã được nhiều nước trên thế giới quan tâm từ rất sớm khi điện toán đám mây và Internet nở rộ. Vậy đâu là tiêu chí đánh giá một sản phẩm ATTT (sản phẩm bảo mật) chất lượng cao? Dưới đây là những tiêu…
Newly Detected Malware Uses NSA Exploit To Mine Monero, Over 500K PCs Infected
http://ift.tt/2EsyftH
Submitted February 03, 2018 at 10:00AM by bitlexa
via reddit http://ift.tt/2nE29Dt
http://ift.tt/2EsyftH
Submitted February 03, 2018 at 10:00AM by bitlexa
via reddit http://ift.tt/2nE29Dt
Lateral Movement with DCOM and PowerPoint Add-Ins
http://ift.tt/2nuUsQL
Submitted February 03, 2018 at 09:43AM by attactics
via reddit http://ift.tt/2BRBjfY
http://ift.tt/2nuUsQL
Submitted February 03, 2018 at 09:43AM by attactics
via reddit http://ift.tt/2BRBjfY
reddit
Lateral Movement with DCOM and PowerPoint Add-Ins • r/netsec
24 points and 0 comments so far on reddit
Botnet for mining Monero has infected more than half a million servers
http://ift.tt/2EAcFnh
Submitted February 03, 2018 at 02:33PM by bitlexa
via reddit http://ift.tt/2GJ9iv5
http://ift.tt/2EAcFnh
Submitted February 03, 2018 at 02:33PM by bitlexa
via reddit http://ift.tt/2GJ9iv5
An automated detection of cryptojacking
http://ift.tt/2GHOrbv
Submitted February 03, 2018 at 05:20PM by 1lastBr3ath
via reddit http://ift.tt/2DVh330
http://ift.tt/2GHOrbv
Submitted February 03, 2018 at 05:20PM by 1lastBr3ath
via reddit http://ift.tt/2DVh330
GitHub
1lastBr3ath/drmine
Dr. Mine is a node noscript written to aid automatic detection of in-browser cryptojacking. - 1lastBr3ath/drmine
Microsoft Defender anti-ransomwear bypass
http://ift.tt/2FIARmz
Submitted February 03, 2018 at 07:32PM by le-quack
via reddit http://ift.tt/2DWyhJf
http://ift.tt/2FIARmz
Submitted February 03, 2018 at 07:32PM by le-quack
via reddit http://ift.tt/2DWyhJf
Securitybydefault
Microsoft Anti Ransomware bypass (not a vulnerability for Microsoft)
Since Windows 10 Fall Creators Update, Microsoft added protection for Ransomware in their product ‘Windows Defender’. This new feature u...
Can telegram bot be used as 2fa?
In telegram you can send your mobile number to a bot. This can be used as proof that this is your number. This can be used as secondary 2fa telegram->sms as fallback.Can other messengers be used as such?
Submitted February 03, 2018 at 06:40PM by nikitastaf1996
via reddit http://ift.tt/2s4blXd
In telegram you can send your mobile number to a bot. This can be used as proof that this is your number. This can be used as secondary 2fa telegram->sms as fallback.Can other messengers be used as such?
Submitted February 03, 2018 at 06:40PM by nikitastaf1996
via reddit http://ift.tt/2s4blXd
reddit
Can telegram bot be used as 2fa? • r/security
In telegram you can send your mobile number to a bot. This can be used as proof that this is your number. This can be used as secondary 2fa...
Why are we all silent on the surveillance?
http://ift.tt/2EbF3hz
Submitted February 03, 2018 at 08:03PM by spynews
via reddit http://ift.tt/2EeXjqI
http://ift.tt/2EbF3hz
Submitted February 03, 2018 at 08:03PM by spynews
via reddit http://ift.tt/2EeXjqI
Security Affairs
Why are we all silent on the surveillance?
Silicon Valley with its bright minds has come to a point where almost every day they collect information about individuals. Also, they don’t hesitate to dig deep to find as much as possible.
Stacking TOR hidden services to provide an optimally secure and anonymous web app
http://ift.tt/2s4u2Kq
Submitted February 03, 2018 at 10:45PM by LuN4tiK86
via reddit http://ift.tt/2GILTK1
http://ift.tt/2s4u2Kq
Submitted February 03, 2018 at 10:45PM by LuN4tiK86
via reddit http://ift.tt/2GILTK1
Medium
PinkDate: If Silk Road had used this design, they’d still be online
PinkDate is the world’s first anonymously operating escort agency, leveraging blockchain fundraising and payments with anonymity…
New JenX IoT DDoS Botnet Offered Part of Gaming Server Rental Scheme
http://ift.tt/2nxFPfh
Submitted February 04, 2018 at 03:41AM by majorllama
via reddit http://ift.tt/2E9MA0F
http://ift.tt/2nxFPfh
Submitted February 04, 2018 at 03:41AM by majorllama
via reddit http://ift.tt/2E9MA0F
BleepingComputer
New JenX IoT DDoS Botnet Offered Part of Gaming Server Rental Scheme
The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme.
(ISC)² Systems Security Certified Practitioner (SSCP) | Coursera training course
http://ift.tt/2FEv55F
Submitted February 04, 2018 at 05:49AM by brainborg
via reddit http://ift.tt/2GKuroH
http://ift.tt/2FEv55F
Submitted February 04, 2018 at 05:49AM by brainborg
via reddit http://ift.tt/2GKuroH
Coursera
(ISC)² Systems Security Certified Practitioner (SSCP)
Offered by (ISC)². Pursue better IT security job opportunities and prove knowledge with confidence. The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber attacks – and puts you on a clear path…
Free Ethical Hacking Course - Module 3 - Network Scanning
http://ift.tt/2s8Lbmc
Submitted February 04, 2018 at 05:47AM by gburu
via reddit http://ift.tt/2GIcXZM
http://ift.tt/2s8Lbmc
Submitted February 04, 2018 at 05:47AM by gburu
via reddit http://ift.tt/2GIcXZM
en.gburu.net
Free Ethical Hacking Course - Module 3 - Network Scanning - en.gburu.net
Free ethical hacking course. Module 3 - Network Scanning, you will learn the techniques that hackers use to scan networks.
Attackers Exploiting Unpatched Flaw in Flash
http://ift.tt/2FAm2CH
Submitted February 04, 2018 at 07:12AM by volci
via reddit http://ift.tt/2E0qHxx
http://ift.tt/2FAm2CH
Submitted February 04, 2018 at 07:12AM by volci
via reddit http://ift.tt/2E0qHxx
reddit
Attackers Exploiting Unpatched Flaw in Flash • r/security
1 points and 0 comments so far on reddit
AFRL Anticipates Arrival of Neuromorphic Supercomputer
http://ift.tt/2s5Pqid
Submitted February 04, 2018 at 08:53AM by robert_brooks
via reddit http://ift.tt/2GKyW2f
http://ift.tt/2s5Pqid
Submitted February 04, 2018 at 08:53AM by robert_brooks
via reddit http://ift.tt/2GKyW2f
SIGNAL Magazine
AFRL Anticipates Arrival of Neuromorphic Supercomputer
The U.S. Air Force Research Laboratory (AFRL) is set to receive a neuromorphic supercomputer from IBM this summer.
Malware using Meltdown and Spectre attacks under develoment – Windows Defender quarantines PoC tools
http://ift.tt/2sbPzkv
Submitted February 04, 2018 at 01:36PM by rediii123
via reddit http://ift.tt/2E0Ilkq
http://ift.tt/2sbPzkv
Submitted February 04, 2018 at 01:36PM by rediii123
via reddit http://ift.tt/2E0Ilkq
Get extremely Strong Passwords!
http://ift.tt/2s9jcTq
Submitted February 04, 2018 at 02:05PM by akshatsoni
via reddit http://ift.tt/2GHiwaV
http://ift.tt/2s9jcTq
Submitted February 04, 2018 at 02:05PM by akshatsoni
via reddit http://ift.tt/2GHiwaV
Frisson Passwords
Passwords based on Physics.
Malware using Meltdown and Spectre attacks under develoment – Windows Defender quarantines PoC tools
http://ift.tt/2sbPzkv
Submitted February 04, 2018 at 01:37PM by rediii123
via reddit http://ift.tt/2BU5rax
http://ift.tt/2sbPzkv
Submitted February 04, 2018 at 01:37PM by rediii123
via reddit http://ift.tt/2BU5rax
reddit
Malware using Meltdown and Spectre attacks under... • r/netsec
22 points and 0 comments so far on reddit
DCOM Lateral Movement Methods, And How To Catch Them
http://ift.tt/2DZ5yYh
Submitted February 04, 2018 at 02:40PM by another_philip
via reddit http://ift.tt/2nF4oqb
http://ift.tt/2DZ5yYh
Submitted February 04, 2018 at 02:40PM by another_philip
via reddit http://ift.tt/2nF4oqb
Cybereason
New lateral movement techniques abuse DCOM technology
The arsenal of lateral movement techniques was expanded with new methods that abuse the DCOM functionality of Windows applications.
Turkish--Web Application Firewall Bypass Methods (WAF BYPASS) //Turkish Documents
http://ift.tt/2E0xDug
Submitted February 04, 2018 at 03:55PM by rdincel1
via reddit http://ift.tt/2EEKX96
http://ift.tt/2E0xDug
Submitted February 04, 2018 at 03:55PM by rdincel1
via reddit http://ift.tt/2EEKX96
reddit
Turkish--Web Application Firewall Bypass Methods (WAF... • r/netsec
2 points and 0 comments so far on reddit
Turkish--HTTP Flood Attack [TR]
http://ift.tt/2s8B1C5
Submitted February 04, 2018 at 04:33PM by rdincel1
via reddit http://ift.tt/2nHTwrw
http://ift.tt/2s8B1C5
Submitted February 04, 2018 at 04:33PM by rdincel1
via reddit http://ift.tt/2nHTwrw
reddit
Turkish--HTTP Flood Attack [TR] • r/netsec
0 points and 0 comments so far on reddit