Two years ago I've leaked the eu-central-1 in Frankfurt. Today I found the first hints for a new region called eu-west-2. There are already API endpoints with a valid DNS record and a correct TLS subject in the certificate reachable: $ timeout 1 openssl s_client -connect ec2.eu-west-2.amazonaws.com:
In January 2015, Google launched an experimental program called Vulnerability Research Grants to complement the long-running Vulnerability Reward Program, with the goal of rewarding security researchers who verify the security of Google products and services, even in the case when no vulnerabilities are found. As a regular reporter to the
In 1994 I was the first time at Rubjerg Knude. This lighthouse is located on the coast of the North Sea in Rubjerg, in the Jutland municipality of Hjørring. At this time I bought my first analog camera - a small analog APS camera. Unfortunately I can't remember the brand.
Since 2005 Apple has been listing all responsible disclosed vulnerabilities (web application security) on a dedicated page. There are in total 435 bugs listed, reported by hundreds of individuals. In 2011 I've already made a posting about vulnerabilities I've found in Apple's sites. This posting was called Apple XSS Gallery
In March Andy Jassy, senior vice president of Amazon Web Services Unit said to the Wallstreet Journal, that Germany is "one of the few countries" where customers are asking for a data center "on their own soil". This news is now 4 month old and it looks like that a
Last year I found a exploitable boolean-based / AND/OR time-based blind SQL injection vulnerability in Sonatype SonarQube >=3.4 and <3.6.1. CVSS v2 Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:C) Overall Score: 9 SonarQube (formerly Sonar) is an open source platform