2019-05-01 | 6 buckets of prodsec, TikTok security quiz, and Telnet is not a backdoor

Wednesday, May 1

TOP STORY

• Did Vodaphone find a backdoor in Huawei equipment? No. Is Telnet a backdoor? No. Did Bloomberg make a mistake. Yes, it appears so.

TWEET OF THE DAY

• I look forward to the con submissions, threat intelligence reports and tweets about nation state whale attacks and how you can protect yourself by machine learning. - @dcuthbert

OTHER ARTICLES WE’RE READING

• 6 buckets of prodsec from Collin Greene. Prevented > autofound > humanfound > externally found > unfound > exploited. Shifting left = winning.

• BSA Framework for secure software to help developers identify the state of software security and its security goals. Worthy goals by Apple, Microsoft, Oracle and others.

• Some great infosec newsletters to follow. Also, RSS is back. Miessler says so.

• Well done TikTok: Push notification for TikTok app serving up security quiz to its users

• Oh the humanity. Comic Sans?!?

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
 

Unsecured IoT devices will be like the new asbestos. We will build them into our environments, only to have to rip them back out years later.

Harley Geiger