Hacking, AppSec, and Bug Bounty newsletter
2017-06-30 | Pegasus redux, Wind turbine hack, and Five Eyes unlimited
Friday, June 30
Gearing up for the holiday weekend! fyi - there will be no Zero Daily on 07-03 or 07-04, but we’ll be back in black on Wed 07-05!
Citizen Lab revisits the NSO-driven Pegasus targeting of Mexican politicians in Reckless Redux: Senior Mexican Legislators and Politicians Targeted with NSO Spyware.
Missing Access Control(IDOR) To Know LinkedAccounts [10 upvotes] - $100 bounty for this report to Dashlane by @xkiraak-boy.
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
TWEET OF THE DAY
Even minor issues can be vulnerabilities at scale - @find_evil
Two tweets of the day this week for @find_evil. It’s almost like we need a tweet of the day award (insert thinking emoji here)
OTHER ARTICLES WE’RE READING
Wind turbine hack. Physical access is total access.
In LA? See you at Flame Wars
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
Companies could be prohibited from fixing existing vulnerabilities, or required to introduce new ones in forthcoming products.