195 - Stealing Secrets with Security Advisories and CorePlague [Bug Bounty Podcast]
March 14, 2023, 8 p.m. | DAY[0]
DAY[0] www.youtube.com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/195.html
[00:00:00] Introduction
[00:00:25] Abusing Hop-by-Hop Header to Chain A CRLF Injection Vulnerability
[00:04:26] HubSpot Full Account Takeover in Bug Bounty
[00:12:22] Unauthorized access to organization secrets in GitHub
[00:17:39] CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE
[00:26:37] Firefly: a smart black-box fuzzer for web applications testing …