Hacking, AppSec, and Bug Bounty newsletter
2018-10-30 | VPN extensions are not for privacy, Dystopian memory corruption attack, and Bypassing AMSI
Tuesday, October 30
With US elections next week, everyone is writing about election security. A few samples: Associated Press looks at election tech vendors, Washington Post looks at the Ukraine story that preceded 2016 elections, and PC Mag covers everything from Guccifer 2.0 to 2016 results to today’s election security landscape. Axios has some analysis on Russia’s 2016 social media influence campaign agenda.
TWEET OF THE DAY
My Twitter drafts of “things I believe but probably shouldn’t share because it will be misinterpreted and vilified” is growing - @ryanhoover
OTHER ARTICLES WE’RE READING
Filedescriptor: VPN extensions are not for privacy.
Dystopian memory corruption attack, the Black Mirror painted future of hacking memories
Bypassing AMSI and executing powershell code, by zc001 highlighting CyberArk
Kraken Ransomware new analysis by McAfee
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
I don't know since when VPN extensions have become popular, but VPN extensions should actually be called proxy extensions. The underlying involves no VPN but proxy, yet they claim they are as secure and private as a regular VPN.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.