Wednesday, February 20
TOP STORY
Symantec published their internet security threat report. Highlights include formjacking as a “breakthrough” threat. Cryptojacking occurred 4x more than 2017, but trended down at the end of the year coinciding with cryptocurrency values tanking. Other high level stats include 78% increase in supply chain attacks, 100% increase in malicious powershell scripts and almost half of all malicious email attachments are Office files.
OTHER ARTICLES WE’RE READING
Krebs dives deep on recent DNS hijacking attacks
An independent security firm in Baltimore, Maryland reviewed 5 popular password managers
CERN reproduced the first browser in all its glory. Now you can browse www like it’s 1990.
WordPress 5.0.0 RCE by Simon Scannell
The day is here: lightsaber dueling is declared an official sport in France reports the Verge
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
Large organizations down to mom-and-pop entities are not paying attention to some very basic security practices, like multi-factor authentication. These days, if you have a sub-optimal security stance, you’re going to get owned. That’s the reality today. We’re seeing much more sophisticated adversaries now taking actions on the Internet, and if you’re not doing the basic stuff they’re going to hit you.
John Crain, chief security, stability and resiliency officer at ICANN