Hacking, AppSec, and Bug Bounty newsletter

2018-02-27 | Memory segmentation cheat sheet, Cellebrite’s iPhone magic trick, and 2018 Global Threat Report by Crowdstrike

Tuesday, February 27


  • Crowdstrike’s 2018 Global Threat Report, Tim Starks opines that it’s all bad newsCyberWire says: Among the findings are the rise of supply chain compromise and cryptocurrency related fraud as significantly expanded attack vectors. Another interesting finding is the speed with which successful attackers are able to pivot laterally from an initial compromise: just under two hours.


You can see all the latest and greatest disclosures and bounties on  



Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email:

Get this email forwarded to you? Click here to subscribe to the Zero Daily

When writing about this kind of research, it’s important for us to properly contextualize it and make clear that while a lot of these techniques are indeed cutting edge and cool, most of them are unlikely to ever be deployed against the average consumer; unless you just want to create a piece of hack porn.

Joseph Cox


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.