What is your cybersecurity need?
Protect your evolving assets.
Scale app security across the SDLC.
Build your brand and protect your customers.
Meet compliance requirements and more.
Reshaping the way companies find and fix critical vulnerabilities before they can be exploited.
The first step in receiving and acting on vulnerabilities discovered by third-parties.
Continuous testing to secure applications that power organizations.
Establish a compliant vulnerability assessment process.
Highly vetted, specialized researchers with best-in-class VPN.
Enhance your hacker-powered security program with our Advisory and Triage Services.
Hacking, AppSec, and Bug Bounty newsletter
Thursday, April 11
Android vs botnets. Score 1 for the good guys. In other, more recent, Android news,‘MuddyWater’ APT reportedly seen in the wild attacking Android
TWEET OF THE DAY
“It’s not the worst thing I’ve ever used” - How engineers say nice things about software - @mrb_bk
OTHER ARTICLES WE’RE READING
How Heartbleed turned vulnerabilities into brands, great writeup by Joe Uchill in the Today’s Axios Codebook
Julien’s Dell KACE K1000 Remote Code Execution that he found at h1-3120 2018 live hacking event in Amsterdam.
@Rhynorator’s common ways to get RCE. Lots of cool engagement on this thread!
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
There's all kinds of stuff here that screams opsec and very regimented tasking.
Jake Williams on TajMahal spyware
Reduce your company’s risk of security vulnerabilities and tap into the world’s largest community of security hackers. Contact us today to see which program is the right fit.