Hacking, AppSec, and Bug Bounty newsletter
2017-05-26 | Lazarus profiled, Tainted leaks, and pacemaker problems
Friday, May 26
In the Bible, Lazarus was raised from the dead. In North Korea, the Lazarus Group writes malware. Symantec profiles Lazarus Group in their latest medium post. Much mystery still surrounds the WannaCry attack, and Lazarus itself, but ... it is unlikely to be the last we see of this audacious attack group.
[buy.coinbase.com]Content Injection - [10 upvotes] - $100 bounty for this report to Coinbase by @phspade.
How many $10,000+ bounties have been paid out this past year on HackerOne? The answer to this question and more coming soon - so stay tuned….
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity.
TWEET OF THE DAY
A pair of #Plotly bugs: Stored XSS & AWS Metadata SSRF. Resolved & disclosure approved via @Hacker0x01! #bugbounty @SecurityYasin
OTHER ARTICLES WE’RE READING
Tainted Leaks via Citizen Lab
Despacito? Hackers chime in with their favorite hacking jams. What’s yours?
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
I tend to do girl pop when failing over network equipment and synth when coding :)
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty solutions encompass vulnerability assessment, crowdsourced security testing and responsible disclosure management. Discover more about our hacker powered security testing solutions or Contact Us today.