Infosec products of the month: April 2025 https://www.helpnetsecurity.com/2025/05/02/infosec-products-of-the-month-april-2025/ #ArcticWolfNetworks #RunSafeSecurity #SkyhawkSecurity #CatoNetworks #IndexEngines #SealSecurity #StellarCyber #Bitdefender #Seemplicity #AbnormalAI #Flashpoint #PowerDMARC #1touch.io #Forescout #AppViewX #BitSight #Bugcrowd #LastPass #PlexTrac #Swimlane #Veracode #CyberQP #Entrust #Exabeam #Saviynt #Varonis #Cyware #News #Jit

Bugcrowd enables organizations to test their security environments https://www.helpnetsecurity.com/2025/04/29/bugcrowd-rtaas/ #Industrynews #Bugcrowd #RSAC2025

I did get a random #BugCrowd password reset email. Everything appears to check out, sooooo.... Data breach?

Uh, anyone else get a password reset email from #bugcrowd ?

100,000 customers got their data exposed publicly for months.

Newfold Digital told me I'm not allowed to disclose this and Bugcrowd told me my account might get banned if I do.

I've talked about this incident before in some posts here but never gave the full story, it's out now:

https://jltee.substack.com/p/risk-a-ban-by-alerting-100000-people

MasterCard DNS Error Went Unnoticed for Years https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/ #HowtoBreakIntoSecurity #PhilippeCaturegli #ALittleSunshine #azmastercardcom #awsdns06ne #CloudFlare #mastercard #Bugcrowd #akamnet #Seralys #akamne #Akamai #google #Azure

MasterCard DNS Error Went Unnoticed for Years - The payment card giant MasterCard just fixed a glaring error in its domain name se... https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/ #howtobreakintosecurity #az.mastercard.com #philippecaturegli #alittlesunshine #awsdns-06.ne #cloudflare #mastercard #akam.net #bugcrowd #akam.ne #seralys #akamai #google #azure

Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd https://www.helpnetsecurity.com/2025/01/09/2025-cybersecurity-community/ #artificialintelligence #Expertanalysis #cybercriminals #collaboration #cybersecurity #Expertcorner #predictions #Don'tmiss #Hotstuff #Bugcrowd #opinion #News #CISO

AI is becoming the weapon of choice for cybercriminals https://www.helpnetsecurity.com/2024/12/20/ai-technologies-challenges-2024/ #artificialintelligence #CloudSecurityAlliance #cybersecurity #LegitSecurity #DeepInstinct #GenerativeAI #Bitdefender #GitGuardian #GoogleCloud #AuditBoard #1Password #Bugcrowd #CyberArk #Deloitte #Netskope #Netacea #Code42 #Immuta #Ivanti #Lakera #report #survey #Venafi #Cisco #News #RWS

Bugcrowd Names Trey Ford as CISO – Source: www.darkreading.com https://ciso2ciso.com/bugcrowd-names-trey-ford-as-ciso-source-www-darkreading-com/ #rssfeedpostgeneratorecho #DarkReadingSecurity #CyberSecurityNews #DARKReading #Bugcrowd

Inside the Mind of a CISO 2024 The Evolving Roles of Security Leaders 2024 by bugcrowd https://ciso2ciso.com/inside-the-mind-of-a-ciso-2024-the-evolving-roles-of-security-leaders-2024-by-bugcrowd/ #0-CT-CISOStrategics-CISOLearn&Leadership #0CTCISOStrategicsCybersecurityAwareness #0-CT-CISOStrategics-CISOStrategics #CISO2CISONotepadSeries2 #CISO2CISONotepadSeries #0-CT-CISOStrategics #0-ATOPONE #bugcrowd

Bug Bounty Platform Bugcrowd Secures $50 Million in Growth Capital – Source: www.securityweek.com https://ciso2ciso.com/bug-bounty-platform-bugcrowd-secures-50-million-in-growth-capital-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CybersecurityFunding #CyberSecurityNews #securityweekcom #securityweek #Bugcrowd #funding

Bug Bounty Platform Bugcrowd Secures $50 Million in Growth Capital https://www.securityweek.com/bug-bounty-platform-bugcrowd-secures-50-million-in-growth-capital/ #CybersecurityFunding #Bugcrowd #funding

Bug Bounty Platform Bugcrowd Secures $50 Million in Growth Capital https://www.securityweek.com/bug-bounty-platform-bugcrowd-secures-50-million-in-growth-capital/ #CybersecurityFunding #Bugcrowd #funding

Hackers are finding new ways to leverage AI https://www.helpnetsecurity.com/2024/10/22/ai-hacking-benefits-and-risks/ #artificialintelligence #cybersecurity #Bugcrowd #hacking #report #survey #News

Microsoft culpa a la UE de lo sucedido con CrowdStrike https://blog.elhacker.net/2024/07/microsoft-culpa-europa-incidente-crowdstrike.html #microsoft #Bugcrowd #europa #Kernel

Just a reminder: with those bug bounty platforms like Bugcrowd, HackerOne or whatever, as a security researcher you are not their customer, you are the product.

If there is a conflict they will tend to side with their customer, meaning the company running the bug bounty program. Good luck proving that you have a right to disclose that vulnerability. They will pressure you into not disclosing as long as the company is opposed. So if you still want to decide anything it’s better not to grow too attached to that account because it will be used as leverage against you.

And they will try very hard to filter reports before these reach the company. If your report is more difficult to understand than the typical report for this program – good luck reaching the company, you’ll need it. It’s very likely that your report will be closed as “out of scope” with all appeals falling on deaf ears. The bug bounty platforms are paid for filtering, not for letting reports through just because they have doubts about them. You might need to think about other ways to reach the people actually in charge.

Inside the minds of CISOs https://www.helpnetsecurity.com/2024/07/02/inside-ciso-mind-video/ #cybersecurity #Don'tmiss #Hotstuff #Bugcrowd #strategy #Video #video #News #CISO #tips

Bugcrowd Acquires Informer to Enhance Attack Surface Management, Penetration Testing – Source: www.darkreading.com https://ciso2ciso.com/bugcrowd-acquires-informer-to-enhance-attack-surface-management-penetration-testing-source-www-darkreading-com/ #rssfeedpostgeneratorecho #DarkReadingSecurity #CyberSecurityNews #DARKReading #acquires #Bugcrowd

Breaking down the numbers: Cybersecurity funding activity recap https://www.helpnetsecurity.com/2024/04/26/cybersecurity-funding-2024/ #DefenseUnicorns #ProphetSecurity #SublimeSecurity #NagomiSecurity #NozomiNetworks #PromptSecurity #cybersecurity #SweetSecurity #SealSecurity #AimSecurity #StrikeReady #CyberSaint #DropzoneAI #investment #Don'tmiss #anecdotes #Hotstuff #Bugcrowd #Incognia #NinjaOne #Permitio #Vicarius #Alethea #Axonius #BforeAI #Simbian #Oleria #BigID #News #PVML