Hacking, AppSec, and Bug Bounty newsletter
2018-09-24 | The business of voting, SysmonSearch by Japan CERT/CC, and From VNC to reverse shell
Monday, September 24
NPR’s Michael Parks looks at the business of voting. Related: only 11% of jurisdictions in the US have signed up for the federal election threat alert system.
OTHER ARTICLES WE’RE READING
Japan CERT/CC releases SysmonSearch, “a system based on Elastic Stack . Sysmon log analysis function (search, statistical analysis and visualisation) is implemented by Kibana Plugin.”
Weird Twitter bug allowed private DM’s to be sent to third-party developers. Only messages sent to brand accounts were affected.
Interesting thread started by Matthew Green logging into a Google site on Chrome now logs you into the browser. Some nuance notes from the Chrome team, such as “auto-syncing is opt-in”.
NYT’s Stephen Hiltner on Def Con, anonymity and hacker handles. Great article with beautiful photos.
From VNC to reverse shell by benjojo
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
We want to be the clock tower in every town square that people can rely on.