Hacking, AppSec, and Bug Bounty newsletter
2018-07-03 | The Federal CISO handbook, Stylish browser extension spyware, and Secure reverse shell over SSH script
Tuesday, July 3
Happy Tuesday! Quick programming note: Zero Daily will not publish 07-04 - 07-06 in observance of the Fourth of July holiday. See you next Monday!
The North Korea - US summit in Singapore had goodie bags. Sort of. A reporter from The Economist gave security researcher Sergei Skorobogatov a USB fan that they grabbed from the media filing center, and Sergei took it apart. Turns out the USB fan is just for, well, fanning (probably).
TWEET OF THE DAY
Egypt didn't just censor the internet. It profited from it. Many blocked sites were redirected to affiliate ads and cryptocurrency mining scripts. Even @UN sites were redirected. https://blog.torproject.org/egypt-internet-censorship - @torproject
OTHER ARTICLES WE’RE READING
Stylish browser extension is essentially spyware says researcher Robert Heaton
Security.txt has a mailing list
Financial Stability Board published a “cyber lexicon” document
40+ Start up Security articles from @magoo
Secure reverse shell over SSH script by @noxrnet
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Cyber incidents are a threat to the entire financial system, a fact that is underscored by recent reports of significant and damaging incidents both inside and outside the financial sector. The 2016 attack on the Bangladesh Bank resulted in the theft of $81 million, the WannaCry ransomware attack in 2017 infected more than 250,000 computer systems in 150 countries, and the Equifax hack in 2017 resulted in the compromise of personal information of over 146