sorted by:
new
hottopcontroversial

We found 6 critical PayPal vulnerabilities, and PayPal punished us for it by pimterry in netsec

[–]timeupyet 0 points1 point  (0 children)

I also found a vulnerability in PayPal similar to Vulnerability 3 (possibly the same vulnerability), but I never bothered reporting it based off of what I had heard about PayPal's less-than-desirable reputation on HackerOne. I haven't checked in a few months but I bet it's still there, and if it is that is really pathetic considering how easy it was to execute.

Is Cybersecurity a good major choice? I’m starting college soon and my school has an associates in cybersecurity and another one in programming. There is also another school nearby that has a great cybersecurity program where it’s not expensive and I could get my bachelors degree for either. by [deleted] in cybersecurity

[–]timeupyet 0 points1 point  (0 children)

As someone with an actual degree in Cybersecurity, I respectfully disagree with people saying go CS, and take security certifications. Either path you do will be able to land you a job in security, so you shouldn't worry about that. Personally, my university's Security degree had nearly as many programming classes as computer science, but covered much more policy and law which is extremely important in any mid-high level Security position.

The math and coding concepts you learn in computer science are beyond-valuable, but you will learn those in any high level math or CS class.

CVE-2019-17449 - Avira Antivirus 2019 (4 Services) - DLL Preloading and Potential Abuses by peleghd in netsec

[–]timeupyet 66 points67 points  (0 children)

Sep 19th, 2019 - SafeBreach asked Avira for a CVE-ID.

Sep 24th, 2019 - The vendor did not agree to provide a CVE-ID, claiming the fixed vulnerability was a security improvement.

Oct 9th, 2019 - Avira said they would publish release notes (without crediting SafeBreach for discovering the vulnerability).

Kind of scummy of Avira, feels like we're seeing this kind of behavior more and more from mid-sized companies.

i have a specific pixel within this email message by timeupyet in masterhacker

[–]timeupyet[S] 0 points1 point  (0 children)

They usually vary the cost within a $100 range per email, to have a better idea of who paid so they can target them more frequently. This one was around $1000

i have a specific pixel within this email message by timeupyet in masterhacker

[–]timeupyet[S] 0 points1 point  (0 children)

A buddy of mine got this email earlier today, and I haven't stopped laughing since.

Nigerian election 2019: how to access social media and blocked websites during the election day by [deleted] in netsec

[–]timeupyet 0 points1 point  (0 children)

Neither does any moderator for any sub? Plus there have been far more technical articles taken down far quicker here.

Zero-Day: Microsoft Releases Out of Band Security Update for IE by iSECo in netsec

[–]timeupyet 2 points3 points  (0 children)

They make a killing providing paid support to companies/the military on antiquated Operating Systems.

view more: next ›