all InfoSec news
$1mln - Generating ETH from thin air - Aurora rainbow bridge withdrawal logic bug
Feb. 6, 2023, 2:10 p.m. | Bug Bounty Reports Explained
Bug Bounty Reports Explained www.youtube.com
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on twitter: https://bbre.dev/tw
This video is an explanation of a vulnerability in Aurora's Rainbow bridge. It could allow a malicious attacker to generate Ethereum from thin air. It was rewarded $1 mln bug bounty.
The bugfix review: https://medium.com/immunefi/aurora-withdrawal-logic-error-bugfix-review-c5b4e30a9160
Thanks to Michał from Halborn for explaining the issue to us: https://halborn.com
The bug was reported via Immunefi: https://immunefi.com/
🖥 Get $100 in credits for …
aurora bounty bridge bug bug bounty eth ethereum logic malicious video vulnerability
More from www.youtube.com / Bug Bounty Reports Explained
Minimising user interaction for OAuth account takeovers
2 weeks, 2 days ago |
www.youtube.com
Do not use the script tag when testing for XSS
2 weeks, 3 days ago |
www.youtube.com
Leaking GitHub's 1220 env variables #BBRENewsletter75
3 weeks, 1 day ago |
www.youtube.com
Always check this when bypassing SSRF filters #BBRENewsletter75
3 weeks, 3 days ago |
www.youtube.com
HTTP Multiline headers #bugbounty #bugbountytips #bugbountyhunter
1 month, 1 week ago |
www.youtube.com
Browser-powered desync #bugbounty #bugbountytips #bugbountyhunter
1 month, 1 week ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC