Hacking, AppSec, and Bug Bounty newsletter
2019-03-08 | Using Twitter to spot trending vulnerabilities, Gone in six seconds, and A deep dive into Triton malware
Friday, March 8
Wired highlights team of researchers that are using Twitter to spot “trending vulnerabilities” by accurately ranking the severity of vulnerabilities based on an automated analysis of human language. Read the full research paper Analyzing the Perceived Severity of Cybersecurity Threats Reported on Social Media.
TWEET OF THE DAY
Threatcrowd is able to list domains registered by a specific email address: https://firstname.lastname@example.org … Very handy for open-scope #bugbounty programs!
#bugbountytip - @MrTuxracer
OTHER ARTICLES WE’RE READING
A US Senate subcommittee published a scathing report titled How Equifax neglected cybersecurity and suffered a devastating data breach.
InfoSecSherpa wants you to turn a children's book into an #InfoSec book title
A deep dive into Triton malware by E&E News’ Blake Sobczak
Gone in six seconds: Pentest Partners reports some pretty devastating stuff on several popular car alarm manufacturers
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: email@example.com
“I was surprised that a company as big as Equifax who has so much sensitive data on so many people in this country was so ill prepared to anticipate a cyber attack and to be able to thwart it.”