Hacking, AppSec, and Bug Bounty newsletter
2018-01-17 | Trisis lurks, Skygofree Android spyware, and iCloud in China
Wednesday, January 17
OTHER ARTICLES WE’RE READING
Skygofree writeup of new Android spyware discovered by Kaspersky Labs
Blockchain blues: TL;DR: you can hijack certain Lisk accounts and steal all their balance after only 264 evaluations of the address generation function (a combination of SHA-256, SHA-512, and a scalar multiplication over Ed25519’s curve).
Censys subdomain finder by @christophetd
iCloud in China: Does Apple encrypt your iCloud backups? So what exactly is Apple storing in China? Thought-provoking questions by Matthew Green
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
The Trisis malware framework is just one component of what would need to be a highly sophisticated, multi-step intrusion that first compromises industrial control equipment before covertly planting Trisis.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.