omarbv(blog)

Cyber Security and Data Privacy

NullCON GOA 2022 - Tech Bug Bounty Panel

Nov 06 2022 - English

I had the great opportunity to participate as speaker at NullCON GOA 2022 last September, in the Tech Bug Bounty Panel with other Bugbounty and Responsible Disclosure managers. The discussion revolved around the experience & challenges for an Organizations running their own active Bug Bounty Programs… (continue)

Building a BugBounty Program from Scratch

May 12 2021 - English

What happens when a security researcher finds a bug in your code or the way to access your customer data? Do you have a clear policy and flow to get the findings in a safe way? During this session I will show you how to create a Bug Bounty or Responsible Disclosure… (continue)

Building a VDP for Success

Apr 22 2021 - English

Vulnerability Disclosure Programs (VDPs) are a clear way to tell the security researcher community how an organization wants them to report a vulnerability and what an organizations’ commitment will be to fixing it… (continue)

Secrets on Github, a plage

Jun 22 2020 - English

Software Engineers are humans. Humans make mistakes, and anything that can go wrong, will eventually go wrong. There is a known and big issue in Git and SVN platforms where developers push their code, sharing sometimes more than they should… (continue)

CyberSecurity Trends in 2020

Jan 15 2020 - English

Due to the huge geopolitical movement of the last few months with important actors on the scene, the year 2020 can be expected to manifestly reach a direct cyber confrontation to measure forces in the face of a hypothetical cyberwar… (continue)

Github Email Search Tool

Oct 31 2019 - English

At some point, maybe you had the need to contact the owner of a Github repository. That is a feasible thing but very manual, loosing a lot of time copy&pasting and searching. Now this will be easier with… (continue)

Yubikey Neo + Ubuntu 18.04.3 LTS

Oct 28 2019 - English

Post explaining how to install a new security requirement and use a Yubikey as 2FA to log in your session in Ubuntu 18.04.3 LTS… (continue)

Ciberataques. La delincuencia digital

Oct 21 2019 - Español

En este capítulo descubrimos como en el ciberespacio también existen el bien y el mal: los hackers éticos y los ciber-delincuentes se enfrentan en una lucha por atacar y defender los secretos, sin olvidarse que la ciber-policía patrulla las calles de las redes más oscuras… (continúa)

Bug Bounty Program, does it help?

Mar 06 2019 - Español

What happens when a security researcher finds a hole in your code? Do have a clear policy to submit this kind of findings? Most not. Responsible Disclosure is something every company should manage… (continue)

CyberSecurity Trends in 2019

Jan 11 2019 - English

During the next year we will see a natural increase in the automation of attacks against companies and homes using artificial intelligence to facilitate the work of cybercriminals, and also multiply the targets to attack… (continue)

Apple Siri Bug – Deactivating Wi-Fi

May 30 2017 - English

After reading the post published by Anton31Kah at Reddit, where he explains a bug in Siri that allows you to deactivate movile data although the iPhone is locked with a passcode. So I started to do some test regarding the WiFi… (continue)

NOSEC SmartSociety

Nov 15 2016 - Español

¿Qué ocurre si prescindimos de la ciberseguridad? ¿Se invierte lo suficiente hoy en día? Parece que no… (continúa)

Norwegian Air, playing with VOD system

Sep 20 2016 - English

This post is excerpted from the talk presented at the CyberSecurity Meetup Helsinki, about vulnerabilities and bad implementations in several products… (continue)

CyberSecurity Meetup in Helsinki

Aug 16 2016 - English

After careful consideration and much thought, finally I decided to create an interesting “meetup” event in Helsinki focused in CyberSecurity… (continue)

KeyLemon, bypassing face-authentication

Jun 13 2016 - English

KeyLemon, is a well known application from Switzerland, that allows to enter in your session without login or password, with more than 3 million of downloads and also is involved in an European Commission project funded by more than 4 million Euros… (continue)

May 30 2016 - English

According to the last Internet Crime Complaint Center (IC3) report, cybercrime had a considerable, negative impact on U.S. businesses during 2015… (continue)

omarbv.github.io