Wednesday, April 17
TOP STORY
Private spy, Lucas Lambert, targeted critics of Kaspersky Lab reports AP News. Journalist who penned the piece, Raphael Satter, has a detailed thread about the connections to Citizen Lab stings and other shenanigans by what appears to be the same person/group.
TWEET OF THE DAY
When people ask you why you take time to bang out a full PoC for a bug you've filed internally. - @IAmMandatory
OTHER ARTICLES WE’RE READING
SentinelOne on domain fronting: it’s benefits and why it’s dying. Teaser at the end for encrypted SNI, a proposed extension to TLS 1.3 that is intended to solve the problems domain fronting was used for.
Reverse-engineering Broadcom wireless chipsets detailed post by Quarkslabs and a productive intern.
Sage and sharer of the bug bounty scripts: TomNomNom’s got a “thinly veiled #bugbountytip that is actually a #linuxtip.” :smile: :heart:
Distil Networks’ bad bots report 2019 edition. Bad bots accounted for 20% of traffic in 2018, and financial sector is most targeted.
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
You ever misspell commands so often that you just alias the misspelling?