There is no excerpt because this is a protected post.
404 Not Found: Vulnerability Disclosure in the Philippines
A bug is a vulnerability within a software or hardware that gives cybercriminals an opportunity to carry out malicious activities, potentially causing severe financial and reputational damage.
Security Advisory – CVE-2020-12832
WordPress Plugin Simple File List is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.
Non-Verified User can Submit Report,View Disclosed Reports | Secuna Bug Bounty
As a Verified user in Secuna you should be able to update your profile,submit reports,view disclosed reports and update payout method meanwhile if your account is not verified you should not be able to submit reports, view disclosed reports, update your profile and etc.
Static Analysis of wish-you.co
Recently wish-you.co became viral on the Philippines when Filipino Facebook users started sending their own customized New Year's Greetings to their Facebook Friends.
Exposed S3 Credentials of QuadX
Secuna is the first and only crowdsourced cybersecurity testing platform in the Philippines helping startups and SMEs by connecting them to vetted security researchers to find and fix security vulnerabilities before they can be exploited by cybercriminals.
Rootcon CTF 2019 | Kahl Dereta Write Up
The First Time CTF Experience with Jonelle H. Castañeda and Aeruc Maquilang was Really Good! Hats off to Pwn De Manila for Organizing this awesome Capture the Flag at Rootcon 13.
Insufficient Rate Limitting on Facebook Fundraisers
Facebook Fundraisers Lacks Rate Limiting Protection. Malicious actors can bruteforce this by sending different random credit or debit card numbers. This could result to large scale fraud.
Security Advisory – CVE-2019-5450
Nextcloud is a suite of client-server software for creating and using file hosting services. Nextcloud application functionally is similar to Dropbox. Unlike Dropbox, Nextcloud does not offer off-premises file storage hosting.
Security Advisory – CVE-2018-19937
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone.