2018-08-06 | SIM hijacking and social engineering, AWS security pillar whitepaper list by Summit Route, and DEF CON is almost here

Monday, August 6

Happy security summer camp week. Safe travels for all heading to Vegas (or currently waiting in line somewhere in Vegas)!

TOP STORY

AWS Security Pillar Whitepaper update list maintained and updated by Summit Route. The AWS well architected framework - security pillar was just updated last week.

TWEET OF THE DAY

Ryan stole the money from my wallet by dumping memory. - @cybergibbons

OTHER ARTICLES WE’RE READING

More SIM jacking reporting from Motherboard on how criminals are targeting cell phone employees to help them find new targets
Lawmakers have questions about TSA Quiet Skies program and TSA will be briefing Congress after Jana Winters investigative report for The Boston Globe’s Spotlight Division.
Test driving a Tesla Model 3. Washington Post’s Geoffrey Fowler quickly noticed a bevy of privacy issues, like how by default, the car granted itself permission to collect video clips of wherever the car drives.
At Black Hat? Tune in Wednesday August 8th at 18:30pm in Lagoon JKL (Level 2) for The 2018 Pwnie Awards presentation
If you’re heading to DEF CON, check out the #hackertracker app for effective con planning and if you want to avoid line con, there’s always the DCTV live stream, broadcasting to these hotels.

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com

“The weirdest thing is, they gave me this beautiful leather steampunk external hard drive, leather bound with knobs and dials… It looked fantastic. I’ve never plugged it into anything.”

Alisa Shevchenko

HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.