2018-10-10 | Natalie’s WhatsApp bug, More debates on the Bloomberg Chinese Microchip stories, and What are the biggest cybersecurity trends in 2018

Wednesday, October 10

TOP STORY

• Natalie Silvanovich discovered a WhatsApp vulnerability where answering a call from an attacker could completely compromise the iOS or Android client.

TWEET OF THE DAY

• It would be great to move InfoSec norms closer to aviation safety, where close-calls are disclosed in a standard, centralized manner and discussed rationally by experts who extract lessons from the mistakes of others. However, we currently don't live in that world. (1/6) - @alexstamos

OTHER ARTICLES WE’RE READING

• Yup: The Cybersecurity World Is Debating WTF Is Going on With Bloomberg’s Chinese Microchip Stories. Patrick has some more questions

• Intel’s 9th generation CPUs to include hardware protection Spectre and Meltdown variants

• Dropbox CISO Chris Evans answers What are the biggest cybersecurity trends in 2018?

• WeldPond: do we need a DOD Weapons Village at DEF CON?

• Patch Tuesday including notes on an active exploitation of CVE-2018-8453

• Opportunity for H1 customers: Shall we (re)test?

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com

“We’re befuddled.”

Rob Joyce on the Big Hack Bloombouzle Story