2018-06-01 | White House botnet report, Analysis of an RCE in a steam client, and Ticketfly site remains down after attack

Friday, June 1

TOP STORY

The White House botnet report (a directive of a May 2017 Executive Order) embraces the need to pull in the industry stakeholder community and collaborate. Commentary from insidecybersecurity.com.

TWEET OF THE DAY

Looks like AWS just made a simple way to implement BeyondCorp by making their load balancers act as authenticating reverse proxies - @0xdabbad00

OTHER ARTICLES WE’RE READING

Ticketfly site remains down and the attacker claims they have stolen the customer database.
Analysis of an RCE in a steam client.
Git v2.17.1 released, including patch for CVE-2018-11235, more from ZDNet.
The HSCA President submitted comments on Supported Lifetimes and Legacy Medical Devices to leaders of the House Energy and Commerce Committee who are looking at medical device security risks
New York is conducting election hacking tests with the DHS

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com

Get this email forwarded to you? Click here to subscribe to the Zero Daily

The increased use of connected medical devices and software as a service (SaaS), adoption of wireless technology, and overall increased medical device and service connectivity to the internet, significantly increase the risks of cybersecurity threats.

Todd Ebert, President and CEO, Healthcare Supply Chain Association

HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.