What is your cybersecurity need?
Protect your evolving assets.
Scale app security across the SDLC.
Build your brand and protect your customers.
Meet compliance requirements and more.
Reshaping the way companies find and fix critical vulnerabilities before they can be exploited.
The first step in receiving and acting on vulnerabilities discovered by third-parties.
Continuous testing to secure applications that power organizations.
Establish a compliant vulnerability assessment process.
Highly vetted, specialized researchers with best-in-class VPN.
Enhance your hacker-powered security program with our Advisory and Triage Services.
Hacking, AppSec, and Bug Bounty newsletter
Friday, March 15
Beto: CDC member. Hacker. US Presidential hopeful. Reuters’ Joseph Menn writes a detailed and interesting profile on former US Congressman from Texas, Beto O’Rourke.
RCE on Steam Client via buffer overflow in Server Info [57 upvotes] - $18,000 bounty for this report to Valve Software by @vinnievan and @0xacb
Persistent XSS on keybase.io via "payload" field in `/user/sigchain_signature.toffee` template [50 upvotes] - $3,000 bounty for this report to Keybase by @jordanmilne
TWEET OF THE DAY
True story. “Decaf coffee only works if you throw it at people.” - @amyengineer
OTHER ARTICLES WE’RE READING
Android Q Beta has some new privacy features
Challenges that cause CISO’s to fail by Gary Hayslip
$10k Facebook bug: "Make someone moderator of the group using analyst role"
RIPS Tech asks, Can you spot the vulnerability?
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
It’s hard to believe that we might even see a hacker run for president.
Reduce your company’s risk of security vulnerabilities and tap into the world’s largest community of security hackers. Contact us today to see which program is the right fit.