Hacking, AppSec, and Bug Bounty newsletter
2018-12-05 | GitHub desktop RCE (OSX) writeup, Rudy’s Twitter typo, and Australia’s controversial encryption bill
Wednesday, December 5
Australian journalist David Wroe covers a recent deal struck by the Australian Parliament that would give police and spy agencies the power to force tech firms to provide access to suspected criminals’ encrypted messages on platforms such as WhatsApp and Telegram. Patrick Howell O’Neill asks, “why isn’t this getting more attention?”
TWEET OF THE DAY
On the 12th day of REKT-mas, my cryptos gave to me:
12 markets crashing
11 feds indicting
10 hacked smart contracts
9 forks of Bitcoin
8 lambo repos
7 bankrupt miners
6 useless tokens
5 exit scams
4 exchange hacks
3 rage quits
2 margin calls
and a Bitcoin o-bit-u-a-ry
OTHER ARTICLES WE’RE READING
Andre’s h1-702 bug writeup: GitHub desktop RCE (OSX)
Web vulns and the people who love them by @tomnomnom. Great overview of top bugs by a top hacker. Great for people new to bug bounties.
House GOP committee claims it was the subject of a cyber attack during the 2018 campaign
“Cyber czar” typo heard round Twitter
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker-focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Don’t reboot it, just patch!