Hacking, AppSec, and Bug Bounty newsletter
2019-01-22 | Google’s GDPR fine, Stanford’s bug bounty program, and NSA trolling
Tuesday, January 22
Google is being fined €50m by CNIL, the French data protection authority. It is the first big fine under the European Union's General Data Protection Regulation (GDPR) so people will be watching closely. And Washington Post reports that US Regulators have met to discuss fining Facebook for privacy violations.
TWEET OF THE DAY
Why path traversal vulnerabilities often "work" better on Windows. E.g. CVE-2018-1999002. (An arbitrary file read vulnerability in Jenkins/Stapler discovered by @orange_8361) - @ulldma
OTHER ARTICLES WE’RE READING
WhatsApp limiting text forwards to combat disinformation and rumorville
NSA trolling at Shmoo. Well played.
Everything you need to know to hack Stanford by Jack Cable
Are you part of the Patriots club? BlackRock inadvertently posted PII on thousands of financial advisors on its iShares account. The sheets included phrases like “dabbler” and “power user”.
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
It's like China took Black Mirror and 1984 and used them as architecture documents.