ZERO DAILY

Hacking, AppSec, and Bug Bounty newsletter

2018-06-12 | Apple code signing vulnerability reported by Okta, The rise of cryptocurrency miners, and Burp Suite testing tips

Tuesday, June 12

TOP STORY

  • Lack of input sanitization made the Crestron DGE-100 Console, a widely used video processing service, vulnerable to command injection that could be used to gain root-level access (CVE-2018-5553). Fixed last week, disclosed today in a blog post by Rapid7.

TWEET OF THE DAY

OTHER ARTICLES WE’RE READING

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com

Get this email forwarded to you? Click here to subscribe to the Zero Daily

NEVER, NEVER, NEVER, say, “My company would have “prevented Mirai, or WannaCry, or Meltdown/Spectre.” It may be true (doubtful) but you’ll only appear arrogant, which is never endearing to a customer.

Rule #6 Rules For Cybersecurity Salespeople by Mark Weatherford

 


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.