ZERO DAILY

Hacking, AppSec, and Bug Bounty newsletter

2019-04-08 | FIN6 resurgence, Garden variety malware, and Reverse engineering iOS applications

Monday, April 8

TOP STORY

TWEET OF THE DAY

Forget spamming XSS payloads. In my experience, goal based hacking has been extremely effective.

1. Click around and pay attention to how the product works.

2. Have an idea for a high impact, app specific goal.

3. Try literally everything you can possibly think of to achieve it.

@itscachemoney

OTHER ARTICLES WE’RE READING

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com

A Bug Bounty is a really important part of the lifecycle, because things that we found, using external researchers, as supporting us can actually be encoded in our automation systems. So we can actually learn from those things that we've seen in the past, and actually directly apply those into our systems internally.

John “Four” Flynn, Uber CISO