Tuesday, August 15
Enjoy your day, readers. :)
TOP STORY
Say hello to Macie. Amazon’s AI security bot, and S3 bucketeer blaster.
HACKTIVITY
Unsafe arithmetic in PyString_DecodeEscape [4 upvotes] - $500 bounty for this report to Python (IBB) by @jaybosamiya. Winner of the best report title this month. Bewares the integers overflows.
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
TWEET OF THE DAY
Things to do during defcon:
Attend parties
Visit red rock canyon
Go shooting
Be indicted by the FBI
Rent supercars
OTHER ARTICLES WE’RE READING
Marcus is LA bound
Officially unofficial 2017 DerbyCon hiring list
Duo looks at the new NIST Update: Passphrases In, Complex Passwords Out
More on Marcus’ somewhat atypical arrangement while awaiting trial - Politico
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
Get this email forwarded to you? Click here to subscribe to the Zero Daily
AWS said Macie is a managed service that monitors data access for anomalies and provides alerts. For now, AWS said Macie will support S3, but be available for other data stores. AWS will charge by the GBs of S3 content classified and CloudTrail events analyzed.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.