Hacking, AppSec, and Bug Bounty newsletter
2018-07-25 | Tax Security 101, Meet runa Sandvik, and GhostPack
Wednesday, July 25
Krebs reports: 8-month phishing campaign allowed criminals to steal more than $2.4 million from Virginia-based The National Bank of Blacksburg. Now the bank is suing its insurance company for refusing to fully cover the losses.
TWEET OF THE DAY
Wow. IRS Scammers stole $22,500 from a victim and impersonated @Raytheon by doing business as "Raytheon International" while doing the wire transfer. - @jon_bottarini
OTHER ARTICLES WE’RE READING
IRS published the latest in their Tax Security 101 aimed at educating tax professionals on some best practices
NYT’s profiles it’s own: Meet Runa Sandvik, the senior director of information security for The New York Times
Pro wrestler was “SIM swapped” and had their Twitter account taken over reports Motherboard
- White House appoints Grant Schneider as the new Federal CISO - the top cybersecurity official in the U.S. government
GhostPack: a collection of new offensive security C# tools
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
… language such as “throwing switches” and noting it would cause “black outs” is in no way representative of what was seen in these intrusions. In these cases the adversary was taking screenshots of HMIs.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.