Thursday, April 25
TOP STORY
Spoofing Mr. Morgan: Cyberscoop reports on GreyNoise intelligence data that shows how the last several days have seen a surge in internet traffic mimicking the IP addresses of big U.S. banks.
OTHER ARTICLES WE’RE READING
NCSC’s got a great new video describing VDP
Beyond Ticket Trick: research by hacker @uranium238 diving into ZenDesk flows, Slack, Zoom and many others. Example report to GitLab.
@Oxacb’s viewgen, ASP.NET ViewState generator
Love it when a plan comes together: Apple bug bounty paying bounties. App Store gift cards anyone?
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
“A vulnerability disclosure program improves cybersecurity and helps create a positive public image. It provides a public front door allowing your organization to immediately receive vulnerability reports. Enabling action to be taken following a predefined workflow that includes triaging the report. This streamlines response times and provides a clear communication channel between the finder and your organization.”