Tuesday, June 20
TOP STORY
198,000,000 Americans’ data exposed in RNC breach. Mercy. 1.1TB of data in a publicly accessible Amazon S3 bucket. “The RNC data repository would ultimately acquire roughly 9.5 billion data points regarding three out of every five Americans.”
HACKTIVITY
Session replay vulnerability in urbandictionary.com [6 upvotes] - swag bounty for this report to Urban Dictionary by @tcpiplab. Detailed PoC, understanding researcher, issue fixed, public disclosure.
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
TWEET OF THE DAY
What could possibly go wrong? @ericlaw
OTHER ARTICLES WE’RE READING
Stack Clash: from low-level access to unfettered root. @mzbat can never go offline again. See also, Ars’ coverage
SDR and RF signal analysis
A complete list of all domains registered under Russian TLD space via @mandatoryprogrammer
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker-focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
What is beyond debate in 2017 is the increasing inability to trust in the integrity of information technology systems, particularly at scale. As reliance on technology increases, so too grows the cyber risk surface; as more and more functions of life migrate onto digital platforms, more and more functions of life invite cyber risk.