all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Circle of Unfixable Security Issues

Add to bookmarks
Oct. 17, 2023, 12:32 p.m. | LiveOverflow

LiveOverflow www.youtube.com

Not every security issues can be fixed. There exist (what I call) "unfixable" bugs, where you can always argue and shift the goal posts. The idea is to only report these kind of issues to create an endless stream of bug bounty money!

Buy my terrible font (ad): https://shop.liveoverflow.com
Learn hacking (ad): https://hextree.io

What is a vulnerability? https://www.youtube.com/watch?v=866olNIzbrk

hackerone reports:
https://hackerone.com/reports/812754
https://hackerone.com/reports/6883
https://hackerone.com/reports/223337
https://hackerone.com/reports/819930
https://hackerone.com/reports/224460
https://hackerone.com/reports/160109
https://hackerone.com/reports/557154

OWASP: https://owasp.org/www-community/controls/Blocking_Brute_Force_Attacks

Chapters:
00:00 - Intro
00:30 - Denial of Service with loooong …

bounty bug bug bounty bugs call circle denial of service hackerone money posts report reports security security issues service stream

Visit resource

More from www.youtube.com / LiveOverflow

Finding The .webp Vulnerability in 8s (Fuzzing with AFL++) 4 months, 2 weeks ago | www.youtube.com
afl cve cve-2023-4863 fuzzing +9
A Vulnerability to Hack The World - CVE-2023-4863 5 months, 2 weeks ago | www.youtube.com
0day actively exploited blastpass buffer +21
Reinventing Web Security 6 months, 2 weeks ago | www.youtube.com
access clear database down +13
The Circle of Unfixable Security Issues 7 months, 3 weeks ago | www.youtube.com
bounty bug bug bounty bugs +12
Binary Exploitation vs. Web Security 8 months ago | www.youtube.com
social support
Hacker Tweets Explained 8 months, 3 weeks ago | www.youtube.com
context explained hacker justin +6
Zenbleed (CVE-2023-20593) 9 months, 1 week ago | www.youtube.com
amd amp asm assembly +18
The Discovery of Zenbleed ft. Tavis Ormandy 9 months, 3 weeks ago | www.youtube.com
bugs concept cpu cpus +16
Asking Android Developers About Security 10 months, 1 week ago | www.youtube.com
android android developers android security asking +7

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com