HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Techbrunch

no profile record

Submissions

Protecting Cookies with Device Bound Session Credentials

security.googleblog.com
3 points·by Techbrunch·3 months ago·0 comments

Mercari's Phishing-Resistant Accounts with Passkey

engineering.mercari.com
1 points·by Techbrunch·5 months ago·0 comments

Claude is competitive with humans in (some) cyber competitions

red.anthropic.com
1 points·by Techbrunch·11 months ago·0 comments

SSO Tax – Wall of Shame

ssotax.org
3 points·by Techbrunch·2 years ago·0 comments

How AWS threat intelligence deters threat actors

aws.amazon.com
1 points·by Techbrunch·3 years ago·0 comments

Hacking the Largest Airline and Hotel Rewards Platform

samcurry.net
4 points·by Techbrunch·3 years ago·0 comments

HackerOne lays off 12% of its workforce

hackerone.com
67 points·by Techbrunch·3 years ago·106 comments

comments

Techbrunch
·2 years ago·discuss
Depending on the target and the severity of the vulnerability the vendor might consider fixing the vulnerability even if EOL.

If the target is an IOT device the vulnerability will likely be mass exploited to create a botnet.

The U.S. government recently ‘took control’ of a botnet run by Chinese government hackers made of 260,000 Internet of Things devices... (Source: https://techcrunch.com/2024/09/18/u-s-government-took-contro...)
Techbrunch
·2 years ago·discuss
"Although the term "zero-day" initially referred to the time since the vendor had become aware of the vulnerability, zero-day vulnerabilities can also be defined as the subset of vulnerabilities for which no patch or other fix is available." - Source: https://en.wikipedia.org/wiki/Zero-day_vulnerability
Techbrunch
·2 years ago·discuss
I found that Anthony Fu's QR Toolkit is a great alternative: https://qrcode.antfu.me/
Techbrunch
·2 years ago·discuss
Is there a ublock origin list that can be used to filter those websites ?
Techbrunch
·3 years ago·discuss
It is but it was proofread by a human with expertise in the domain, and honestly I wouldn't have done better in such a short amount of words. If someone wants to know more they better read the article which I did to make sure the generated text wasn't bullcrap :)
Techbrunch
·3 years ago·discuss
Martin Vigo's article discusses the security vulnerabilities in password reset options for various websites and how these can lead to the exposure of personal phone numbers. Vigo highlights that during a password reset process, websites often partially reveal the user's phone number. This partial display varies across websites; some show the last four digits, others the first, and so on. By initiating password resets across different sites, one can potentially piece together most of the digits of a phone number just from an email address.