ZERO DAILY
Hacking, AppSec, and Bug Bounty newsletter
2019-05-01 | 6 buckets of prodsec, TikTok security quiz, and Telnet is not a backdoor
Wednesday, May 1
TOP STORY
-
Did Vodaphone find a backdoor in Huawei equipment? No. Is Telnet a backdoor? No. Did Bloomberg make a mistake. Yes, it appears so.
TWEET OF THE DAY
-
I look forward to the con submissions, threat intelligence reports and tweets about nation state whale attacks and how you can protect yourself by machine learning. - @dcuthbert
OTHER ARTICLES WE’RE READING
-
6 buckets of prodsec from Collin Greene. Prevented > autofound > humanfound > externally found > unfound > exploited. Shifting left = winning.
-
BSA Framework for secure software to help developers identify the state of software security and its security goals. Worthy goals by Apple, Microsoft, Oracle and others.
-
Some great infosec newsletters to follow. Also, RSS is back. Miessler says so.
-
Well done TikTok: Push notification for TikTok app serving up security quiz to its users
-
Oh the humanity. Comic Sans?!?
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
Unsecured IoT devices will be like the new asbestos. We will build them into our environments, only to have to rip them back out years later.