White hat

Ministry of Defence Embraces Hackers to Secure Digital Assets

Retrieved on: 
Tuesday, August 3, 2021
Software, Technology, Internet, Security, Computer security, Cyberwarfare, Cybercrime, Hacking, Computing, HackerOne, Bug bounty program, Cyberattack, White hat, Draft:Ocman Nazir Briet, HackerOne, the UK Ministry of Defence, HACKERONE, THE UK MINISTRY OF DEFENCE

The United Kingdoms Ministry of Defence (MoD) today announced the conclusion of its first bug bounty challenge with HackerOne.

Key Points: 
  • The United Kingdoms Ministry of Defence (MoD) today announced the conclusion of its first bug bounty challenge with HackerOne.
  • The Ministry of Defence program was a 30-day, hacker-powered security test aimed at surfacing vulnerabilities before they can be exploited by adversaries.
  • It is important for us to continue to push the boundaries with our digital and cyber development to attract personnel with skills, energy and commitment.
  • By disclosing vulnerabilities to security teams, ethical hackers will help the Ministry of Defence secure its digital assets and defend against cyberattacks.

Southeast Asia eCommerce platform Lazada launches public bug bounty program with YesWeHack

Retrieved on: 
Thursday, June 10, 2021
Computer security, Hacking, Articles, Cyberwarfare, Security, Bug bounty program, Competitions, Internet security, Lazada Group, VDP, White hat, Vulnerability

Focused on vulnerabilities of personal data, Lazada will pay out up to US$10,000 in rewards to ethical hackers

Key Points: 
  • Focused on vulnerabilities of personal data, Lazada will pay out up to US$10,000 in rewards to ethical hackers
    SINGAPORE, June 10, 2021 /PRNewswire/ -- Southeast Asia's leading eCommerce platform Lazada announces the launch of a public bug bounty program with YesWeHack to identify vulnerabilities, after running a successful 18 month-long private program.
  • With the launch of this public Bug Bounty program, Lazada is making a statement to the eCommerce industry, and highlighting the priority it places on security and transparency for its customers and partners, by offering security researchers up to US$10,000 per bounty.
  • This includes a pre-launch event for the public program conducted that saw hackers from the YesWeHack community identify vulnerabilities in 48 hours.
  • In addition to the Bug Bounty platform, YesWeHack also offers: support in creating a Vulnerability Disclosure Policy (VDP), a learning platform for ethical hackers called Dojo and a training platform for educational institutions, YesWeHackEDU.

Southeast Asia eCommerce platform Lazada launches public bug bounty program with YesWeHack

Retrieved on: 
Thursday, June 10, 2021
Hacking, Computer security, Cyberwarfare, Computer network security, Bug bounty program, Competitions, Internet security, VDP, Vulnerability, Software bug, White hat, Lazada Group

SINGAPORE, June 10, 2021 /PRNewswire/ -- Southeast Asia's leading eCommerce platform Lazada announces the launch of a public bug bounty program with YesWeHack to identify vulnerabilities, after running a successful 18 month-long private program.

Key Points: 
  • SINGAPORE, June 10, 2021 /PRNewswire/ -- Southeast Asia's leading eCommerce platform Lazada announces the launch of a public bug bounty program with YesWeHack to identify vulnerabilities, after running a successful 18 month-long private program.
  • With the launch of this public Bug Bounty program, Lazada is making a statement to the eCommerce industry, and highlighting the priority it places on security and transparency for its customers and partners, by offering security researchers up to US$10,000 per bounty.
  • This includes a pre-launch event for the public program conducted that saw hackers from the YesWeHack community identify vulnerabilities in 48 hours.
  • In addition to the Bug Bounty platform, YesWeHack also offers: support in creating a Vulnerability Disclosure Policy (VDP), a learning platform for ethical hackers called Dojo and a training platform for educational institutions, YesWeHackEDU.

Detectify launches open source security tool for ethical hackers

Retrieved on: 
Tuesday, May 18, 2021
Computer security, Computing, Articles, Hacking, Software testing, Internet security, Computer network security, Security hacker, Application security, White hat, Vulnerability, Penetration test

b'STOCKHOLM, May 18, 2021 /PRNewswire/ -- Detectify , the SaaS security company powered by ethical hackers, today announced the general availability of Ugly Duckling , a stand-alone application security tool specifically tailored for ethical hackers to make it easier for them to share their latest findings.\nFinding web vulnerabilities as soon as they emerge - before attackers exploit them - is critical to stay on top of web application security.

Key Points: 
  • b'STOCKHOLM, May 18, 2021 /PRNewswire/ -- Detectify , the SaaS security company powered by ethical hackers, today announced the general availability of Ugly Duckling , a stand-alone application security tool specifically tailored for ethical hackers to make it easier for them to share their latest findings.\nFinding web vulnerabilities as soon as they emerge - before attackers exploit them - is critical to stay on top of web application security.
  • The Ugly Duckling speeds up the incorporation of vulnerabilities found by ethical hackers into automated security tests on Detectify\'s platform by giving hackers the tools to create more test modules independently.\nUpon finding a vulnerability, the ethical hacker can write a module as a JSON file and test it out in Ugly Duckling, to validate that it works.
  • Detectify then implements the JSON file on their platform, scaling the quality-checked findings to thousands of application owners and security teams.Using Ugly Duckling, vulnerability findings can run live as security tests within 5-10 minutes after they have been submitted.
  • Consistent with the company\'s belief in approaching security in a collaborative way, the Ugly Duckling web scanner is not exclusive to ethical hackers in Detectify\'s Crowdsource network, but available for anyone to use for bug bounty hunting, security research, or penetration testing.

CREST Certification For Cyber Security Specialist, Stripe OLT

Retrieved on: 
Tuesday, April 13, 2021
Computer security, Computing, Articles, Hacking, Cybercrime, Computer network security, Information governance, Cyberwarfare, Penetration test, White hat, Olt

b'BRISTOL, England, April 13, 2021 /PRNewswire/ -- Stripe OLT, a cloud and cyber security specialist headquartered in Bristol, has joined an elite group of cyber security providers certified by CREST, the not for profit, cyber security accreditation and certification body.\nRecognised for their proficiency in the practice and delivery of Penetration-Testing, Stripe OLT have recently emerged as one of the up-and-coming cloud and cyber security providers in the UK.\nWith a recent rise in cyber security attacks, prompted by the COVID-19 pandemic, organisations are looking to specialists like Stripe OLT, to carry out robust security testing.\nAlso known as Pen-testing, this is a simulation technique used by \'ethical hackers\' to test the fragility of business systems and security defences.

Key Points: 
  • b'BRISTOL, England, April 13, 2021 /PRNewswire/ -- Stripe OLT, a cloud and cyber security specialist headquartered in Bristol, has joined an elite group of cyber security providers certified by CREST, the not for profit, cyber security accreditation and certification body.\nRecognised for their proficiency in the practice and delivery of Penetration-Testing, Stripe OLT have recently emerged as one of the up-and-coming cloud and cyber security providers in the UK.\nWith a recent rise in cyber security attacks, prompted by the COVID-19 pandemic, organisations are looking to specialists like Stripe OLT, to carry out robust security testing.\nAlso known as Pen-testing, this is a simulation technique used by \'ethical hackers\' to test the fragility of business systems and security defences.
  • "\nIan Glover, President of CREST said:"By achieving CREST accreditation, Stripe OLT positions itself as a trusted provider of penetration testing services and demonstrates that its business processes, data security and testing methodologies meet the highest standards.\nWith the continuing rise of sophisticated cyber-attacks from criminal and state-sponsored hacking groups, Stripe OLT is well-placed to take advantage of the growing demand for professional penetration testing services.
  • "\nAbout:Stripe OLT are a Microsoft Gold partner who offer secure cloud-first technology to organisations throughout the UK.
  • Specialising in Cloud Solutions, Cyber Security and Managed IT, Stripe OLT offer a complete business technology solution.\n'

EC-Council President and CEO Jay Bavisi to Announce the Next Big Thing in Cybersecurity in a Live Webinar on September 16

Retrieved on: 
Monday, August 31, 2020
Hacking, Computing, Data security, Computer security, Cyberwarfare, EC-Council, Certified Ethical Hacker, White hat

A huge amount of the world's workers are now working from home, opening their organizations up to more vulnerabilities than ever before.

Key Points: 
  • A huge amount of the world's workers are now working from home, opening their organizations up to more vulnerabilities than ever before.
  • Because of these factors along with the fact that the industry has been growing every year, the cybersecurity market is projected to reach $258.99 Billion by 2025.
  • "Our Certified Ethical Hacker certification continues to be the gold standard, particularly during these changing times," said Jay Bavisi, President and CEO of the EC-Council Group.
  • Bavisi will share details in a live webinar on September 16, 2020.

"Evolution of IoT Attacks" Study Exposes the Arms Race Between Cybercriminals and Cybersecurity

Retrieved on: 
Wednesday, May 27, 2020
Computer security, Articles, Information Age, Information and communications technology, Hacking, Ambient intelligence, Internet of things, Cybercrime, White hat, Cyberattack

Sectigo has categorized IoT attacks into three eras:

Key Points: 
  • Sectigo has categorized IoT attacks into three eras:
    Beginning in 2005, cybercriminals started to explore the potential to cause lasting damage to critical infrastructure, and even life.
  • Security defenses at the time were rudimentary, with organizations unaware of the value the IoT could have for hostile actors.
  • Spanning 2011-2018, cybercriminals actively exploited the lucrative and damaging potential of attacking the IoT, thus expanding attacks to more targets with increased severity.
  • White hat hackers exposed potential IoT vulnerabilities to help shore up defenses before attacks occurred in the wild.

Israel's Leading Retail Company, Shufersal, Chooses PenTera to Validate Network Security Controls in Time of Pandemic

Retrieved on: 
Wednesday, May 27, 2020
Software testing, Articles, Computer network security, Cyberwarfare, Computing, Hacking, Penetration test, Shufersal, Computer security, White hat, Security hacker, Artificial intelligence

TEL AVIV, Israel, May 27, 2020 /PRNewswire/ --Pcysys has announced that Shufersal, Israel's leading retail company, has chosen Pcysys' Automated Penetration Testing Platform, PenTera, to continuously test its security controls.

Key Points: 
  • TEL AVIV, Israel, May 27, 2020 /PRNewswire/ --Pcysys has announced that Shufersal, Israel's leading retail company, has chosen Pcysys' Automated Penetration Testing Platform, PenTera, to continuously test its security controls.
  • PenTera enables us to build an actionable security strategy that supports secure business continuity."
  • Requiring no agents or pre-installations, the PenTera platform uses algorithms to scan and ethically penetrate the local or remote network with the latest ethical hacking techniques.
  • By aligning with the MITRE ATT&CK framework, the platform provides the enterprise infrastructure with a consistently high standard of security testing.

Over 460 Vulnerabilities Resolved in Tenth Bug Bounty Challenge with U.S. Department of Defense Thanks to Hackers on HackerOne

Retrieved on: 
Wednesday, April 15, 2020
Security, Defense, Technology, Other Defense, Software, Computing, Digital technology, Hacking, Cyberwarfare, Internet security, HackerOne, Cybercrime, Bug bounty program, Security hacker, Computer security, White hat, Hacker

The bug bounty challenge invited white hat hackers to discover and disclose vulnerabilities within the Air Force Virtual Data Center a pool of cloud-based servers and systems so they can be safely resolved.

Key Points: 
  • The bug bounty challenge invited white hat hackers to discover and disclose vulnerabilities within the Air Force Virtual Data Center a pool of cloud-based servers and systems so they can be safely resolved.
  • Over the four-week long Challenge 60 vetted hackers reported over 460 vulnerabilities, earning more than $290,000 for helping the U.S. Air Force boost security between the remote and live hacking Challenge.
  • HackerOne has been a trusted partner for the Department of Defense for over three years, with collaboration from 500,000 hackers worldwide.
  • Each previous bug bounty Challenge has invited trusted hackers to find vulnerabilities across different attack surfaces, securing digital defenses from adversaries.

EC-Council Launches CEH Master Hacker Certification in UK to Train Ethical Hackers to Become World-class Security Professionals

Retrieved on: 
Tuesday, January 21, 2020
Hacking, Certified Ethical Hacker, Vocational education, CEH, Education, EC-Council, Professional certification, White hat, Academic disciplines

LONDON, Jan. 21, 2020 /PRNewswire/ -- EC-Council , the leading global information security certification body, has recently launched Certified Ethical Hacker (CEH) Master credential in UK market to address the rising demand for performance-based training & certification for ethical hackers.

Key Points: 
  • LONDON, Jan. 21, 2020 /PRNewswire/ -- EC-Council , the leading global information security certification body, has recently launched Certified Ethical Hacker (CEH) Master credential in UK market to address the rising demand for performance-based training & certification for ethical hackers.
  • CEH Master uses a new methodology to prepare the students for real-world jobs.
  • CEH Master prepares the candidate for actual challenges by evaluating their capability against problems from the real-world.
  • To become CEH Master, candidate must successfully pass the CEH exam and demonstrate competency in managing real-world hacking challenges via the CEH (Practical) Exam.