Hacking, AppSec, and Bug Bounty newsletter
2017-06-14 | Hidden Cobra, Cybering Up, and DMA attack software
Wednesday, June 14
Hump day is here - make it a great one!
Hidden Cobra is North Korea’s DDoS Botnet Infrastructure. In a joint technical alert (TA17-164A) the DHS and FBI describe the tools and infrastructure used by cyber actors of the North Korean government and include solutions and mitigation strategies. They steer clear of the APT tag, however.
Unsecured DB instance [34 upvotes] - $5,000 bounty for this report to Pornhub by @cyber-guard. Exposed OrientDB server instances were found to be vulnerable to script-based remote code execution, leading to privilege escalation.
DOM Based XSS In mercantile.wordpress.org [6 upvotes] - no bounty for this report to WordPress by @pabster. Good example of great communication: Triager: “this is a duplicate”, Hacker: “em, no it’s not and here’s why”, Triager: “doh, you’re right, sorry I missed that!”
Notables and interesting partially disclosed bugs: @fildescriptor nabbed a $7K+ bounty from Twitter, @wplus got $1K for their report to Snapchat, and Shopify-Scripts awarded over $4,000 in bounties yesterday.
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
TWEET OF THE DAY
The Mother of All Skimmers #infosec #carders - @x0rz
OTHER ARTICLES WE’RE READING
The U.S. Army is Cybering Up
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: email@example.com
Get this email forwarded to you? Click here to subscribe to the Zero Daily
Due to the malware’s capability to act autonomously through time bombs, passive defenses such as air gapping will not prevent the malware from being activated once in the network.