ZERO DAILY

Hacking, AppSec, and Bug Bounty newsletter

2019-05-29 | OSINT 101, SnapLion, XSS Hunter gone postal

Wednesday, May 29

TOP STORY

  • One simple IDOR. Krebs' First American Financial Corp. breach bomb was smartly dropped last Friday, before a long holiday weekend, as all other journalists were probably on vacay for the weekend or at least not in the state of mind to chase a big story. “These types of data exposures are some of the most common yet preventable”.

TWEET OF THE DAY

  • I had my BXSS payload on one of my tax documents this year.. - @nahamsec

OTHER ARTICLES WE’RE READING

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker-focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
 

In 2019, we don't need more people preaching about cybersecurity with fear. Most of us get it, and the new folks are coming to the table ready.

Don't preach to me about the need for change, tell me a story about how we can facilitate the change we need.

Allan Friedman