Hacking, AppSec, and Bug Bounty newsletter
2018-06-04 | North Korea’s continued cyber espionage activity, VPNFilter botnet revival, and HBO’s Hackerville
Monday, June 4
Let’s play a game - Former cyber czar for the Pentagon talked at Re/Code last week about the nation-state threat to digital democracy and the DIME framework: Diplomacy, Intelligence, Military, and Economic tools. North Korea “worried him the most”. Ars Technica reports North Korea’s continued cyber espionage activity leading up to potential summit, and US-CERT published a joint technical alert last week attributing two families of malware used by the North Korean government.
TWEET OF THE DAY
Using a centralised commercial repository for your code is a bad idea. What you should do is run your own git server in your mums basement hosted on a raspberry pi. I will share some instructions on getting started... (1/214) - @liamosaur
OTHER ARTICLES WE’RE READING
Using pictures and few words, illustrate the TCP handshaking process… 10 tough questions on the final exam for the Tufts University’s COMP 116 course, Intro to Computer Security.
The VPNFilter Botnet Is Attempting a Comeback says researchers at JASK and GreyNoise.
The Intercept published phishing emails that were sent to US election officials days before the 2016 Presidential elections in an attempt to pwn state voting systems.
CHIPSEC: Platform Security Assessment Framework, originally announced at CanSecWest in 2014
Technical analysis of Iron Group's Malware using HackingTeam’s Leaked RCS source code with VMProtected Installer
Hackerville, coming soon to an HBO subscription near you
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
I was the DoD’s cyber czar, which sounds sexy until you remember that almost all the czars are eventually assassinated.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.