There's still time to earn a 🚨100% bonus!🚨

🚨100% bonus!🚨 Yes, you read it right! With March Madness underway, we may have gone a little crazy with our 100% bonus on Medium+ severity reports on some of Yahoo's top brands (check the list!). Read more in the thread and good luck getting part of this $100k bonus pool!

💰 Double your earnings! 💰 March madness is here, and Yahoo's doubling the base pay for medium or higher severity reports on select assets until March 31st! Will you be one of the lucky hackers? Let's get hacking! Yahoo The Paranoids #Intigriti buff.ly/3THmmZ3

🚀 This Friday is the big day! Join us for our Open Port event and get ready for an exciting lineup: Lansweeper, Yahoo, and 1 mystery customer are offering bonus incentives! 💰. 🗣️ We have talks from 2 of our brilliant hackers 🎤 Don't miss out! #Intigriti #HackWithIntigriti

Let your Red Team to seamlessly document their operations and collaborate in real-time with ASHIRT — an open-source tool for offensive operations: yahooinc.com/paranoids/maki…

Sigstore is aimed to ensure privacy & scalability, integrates technologies for seamless signing, verification, & provenance checks. 🔏 Explore how Yahoo utilizes #Sigstore alongside Athenz as an internal Certificate Authority for container image security: openssf.org/case-studies/2…

The latest edition of the IRE Journal focuses on journalist safety: ire.org/product/ire-jo…

Our writers offer guidance on getting help in emergencies, protecting yourself online and coping with trauma. We also explore journalism trends and techniques behind major investigations.

The Paranoids set the gold standard for bug bounty! 🙌 Join us in celebrating Yahoo's 10-year bug bounty anniversary- here's to another 10 years, another 13K remediated vulnerabilities, and another 1,800 hackers keeping Yahoo's slice of the internet safer. hackerone.com/yahoo?type=team

🔑Pushing new container images at scale is hard. Verifying those images' authenticity is harder.

Read how Yahoo uses an open-source project — Sigstore — to sign tens of thousands of images a day transparently! 🔑yahooinc.com/paranoids/scal…

Read how Yahoo’s Chief Paranoid's softer skills aided his transition from technical security leader to CISO: yahooinc.com/paranoids/sudd…

🤩 Exciting news for all bug hunters & CTF players! Today, Yahoo is launching their public bug bounty program on Intigriti, and is bringing bug bounty bonuses to real CTF competitions, allowing you to earn up to $15,000 on top of your bounty!

🚩 How to participate (see reply) 👇

The Paranoids are super excited to partner with Intigriti to not only launch our public Intigriti program but also kick off with this exciting CTF bonus for GlacierCTF! 🚀 Congrats to our program (@slvr_warrior) and operations (@JonathonRobin) leads for this next big step! 🎉

GlacierCTF Players: Earn Up To $15k Bonuses for Yahoo Bug Bounty Submissions blog.intigriti.com/2023/09/28/gla…

1. Yeti coffee cup from The Paranoids I use it every day
2. @bugcrowd BugBash T-Shirt I love the fit it’s one of my must washes every week - I can’t find a supplier for the brand in the UK :(
3. OWASP® Foundation DEFCON T shirts - I ended up accidentally volunteering at their booth and they…

Solid Red Team work 👏

Our team disclosed a series of vulnerabilities to Ivanti in their EPM software, one of which an RCE that can be used to move laterally across the fleet. Check out the write up and make sure you are patched! yahooinc.com/paranoids/para…

Earlier this year, the Paranoids Vulnerability Research team  disclosed a critical remote code execution (RCE) vulnerability in Ivanti’s endpoint management product: yahooinc.com/paranoids/para….