Hacking, AppSec, and Bug Bounty newsletter
2018-07-30 | The “unhackable” BitFi wallet, The likelihood of a NetSpectre in-the-wild attack, and Gmail’s confidential mode is not so confidential
Monday July 30
They call him no hack scam-a-lot MaCafee. Bitfi’s hardware wallet is a stripped back, low-end Android phone with parts missing. Read entire cybergibbons thread. Ryan Castelluci looked at the source code, concluding “Bitfi’s hardware wallet is terrible”. This is not a bug bounty program, and if no-one wins the “contest” it means nothing, quoting Bruce Schneier.
TWEET OF THE DAY
What’s your favourite server side vulnerability class, and why? - @infosec_au
OTHER ARTICLES WE’RE READING
Multiple vulnerabilities in Samsung’s SmartThings hub reports Talos
Ryan Magoo is crowdsourcing the likelihood of a NetSpectre in-the-wild attack
Grigor Atanesian from the Wisconsin Center for Investigative Journalism dove deep on election security in the key swing state.
Risky Business podcast copycat - really AdventIM, really?
Don’t call it a comeback. Lava lamps as Cloudflare’s random number generators.
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: email@example.com
Rigorously auditing the outcome of the election is an essential safeguard against cyberattacks
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.