Hacking, AppSec, and Bug Bounty newsletter
2018-03-27 | Aadhaar data leak, Facebook Container by Firefox, and XSS auditor reporting to report URI
Tuesday, March 27
Security researcher Karan Saini found an open API endpoint on Aadhaar, India's national ID database, ZDNet’s Zack Whittaker reports. This is not the first time Aadhaar has been in the news for security lapses, exposing the information of over 1.1 billion Indian citizens.
TWEET OF THE DAY
Want to freak yourself out? I'm gonna show just how much of your information the likes of Facebook and Google store about you without you even realising it - @iamdylancurren
OTHER ARTICLES WE’RE READING
XSS Auditor reporting to Report URI by Troy Hunt and Scott Helme
Facebook Container by Mozilla Firefox is a plugin that isolates your Facebook identity from the rest of your web activity
UpGuard sinks their teeth into a digital analytics firm that was buddy buddy with Cambridge Analytica
“I did my masters research in Android security and privacy”, Whitney Merrill’s tweet thread on the Android permissions history, and you can also read her research.
Threat landscape for industrial automation systems in H2 2017 by Kaspersky Lab.
Monero: Not so stealthy
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: email@example.com
Get this email forwarded to you? Click here to subscribe to the Zero Daily
“Blockchain” sounds so much cooler than “slowest distributed database known to man”.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.