Hacking, AppSec, and Bug Bounty newsletter
2018-01-17 | Trisis lurks, Skygofree Android spyware, and iCloud in China
Wednesday, January 17
OTHER ARTICLES WE’RE READING
Skygofree writeup of new Android spyware discovered by Kaspersky Labs
Blockchain blues: TL;DR: you can hijack certain Lisk accounts and steal all their balance after only 264 evaluations of the address generation function (a combination of SHA-256, SHA-512, and a scalar multiplication over Ed25519’s curve).
Censys subdomain finder by @christophetd
iCloud in China: Does Apple encrypt your iCloud backups? So what exactly is Apple storing in China? Thought-provoking questions by Matthew Green
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
The Trisis malware framework is just one component of what would need to be a highly sophisticated, multi-step intrusion that first compromises industrial control equipment before covertly planting Trisis.