Hacking, AppSec, and Bug Bounty newsletter
2018-07-26 | Google’s Titan Security Key, Agari’s report on Federal DMARc adoption, and Tenable goes public
Thursday, July 26
Highlights on Google tools and releases at Next conference by Silicon Angle’s Mike Wheatley. Of note, they announced the launch of their own hardware key, the Titan Security Key, competing with Yubico. Good Hacker News thread on the launch.
OTHER ARTICLES WE’RE READING
WSJ reports Cosco Shipping Holdings Co. was hit by a cyberattack that has disabled the Chinese state-run company’s U.S. website and email systems. World maritime news has a short writeup
LifeLock “subscriberkey” tied each customer accounts to a numeric value which could be easily enumerated reports Krebs
New report by Agari on federal DMARC adoption shows 52% of the 1,144 executive branch domains have implemented DMARC at its strongest enforcement level. Agari praises the government for making strides, and presents it as a shining example for the implementation of common security standards.
Symantec profiles Leafminer group, active in cyber espionage activities in the Middle East. The group is described as inexperienced, eager to learn from others, and has poor operational security
Tenable went public today on Nasdaq with ticker TENB
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: email@example.com
In comparison to the private sector, the U.S. Government should serve as a shining example for the implementation of common security standards.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.