December 2017

Around The World

Bug Bounty Programs list

Reward Programs AT&T – http://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235 (To submit you need to sign up to the free Developer API program) Avast! – http://www.avast.com/bug-bounty Barracuda – http://barracudalabs.com/ Coinbase – https://coinbase.com/whitehat Chromium Project – http://www.chromium.org/ CrowdShield – https://crowdshield.com/ Cryptocat – https://crypto.cat/bughunt/ Facebook – http://www.facebook.com/whitehat/ Etsy – http://www.etsy.com/help/article/2463 Gallery – http://codex.gallery2.org/Bounties Ghostscript – http://ghostscript.com/Bug_bounty_program.html (Mostly software development, occasional security issues) Google – http://www.google.com/about/company/rewardprogram.html Hex-Rays – http://www.hex-rays.com/bugbounty.shtml IntegraXor (SCADA) – http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program LaunchKey – https://launchkey.com/docs/whitehat Marktplaats – http://statisch.marktplaats.nl/help/ Mega.co.nz – http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/ Meraki…

Around The World

stay alert from wireless Attacks

Three general wireless attacks are to use a fake access point (AP), or use a fake AP with a static extended service set ID (ESSID), or use a fake AP and an “evil twin.” All can be set up and executed instantly. By setting up the fake AP, a hacker can obtain complete control over all TCP/IP connections passing through it. At that point, intercepting network traffic and capturing or changing it becomes useless. With…