TesterHQ - The Evil Tester Blog Aggregator

Mar 31, 2018 - 4 minute read - In The News

Software Testing News - 21st March 2018 to 31st March 2018

Software Testing News at 31st March 2018

News from the world of IT relevant to Software Testing and Software Development professionals.

All the news stories are expanded with lessons learned for Software Testers as part of our Patreon Mentoring Content. Learn more: http://eviltester.com/page/patreon


https://youtu.be/RolSZ_48DKY

This presentation contains images that were used under a Creative Commons License. See end of post to see the full list of images and attributions.

Free Web Security Training from HackerOne

HackerOne announced via Medium the availability of their free introduction to web security course.

This was originally a paid course called “Breaker 101” and is now called “Hacker101”.

Now that the course is free on HackerOne, they will be adding more content.

The videos are free on YouTube, and I think it is worth checking out.

Source: Medium http://bit.ly/2pwEvJM

Netflix Opens Bug Bounty Program to the Public

The Netflix bug bounty programme has been running since 2013 but was only open to a select group of security researchers.

Now anyone with a free Bugcrowd account can take part.

If you already use Netflix, and want to learn security testing, this might be a good bounty to experiment with.

Remember - hacking is illegal, unless it is part of a bug bounty program.

Have fun.

Source: The Verge http://bit.ly/2IFgc5v

Apple Siri will read out loud hidden messages

Threatpost reported that Apple have confirmed a privacy bug in the iPhone.

The bug allows anyone to access hidden messages that appear as notifications on locked phones.

All anyone has to do is ask Siri to “read my last email”.

And Siri will. Even if Siri is not supposed to.

Assuming Siri understands what you say. But Siri doesn’t seem to understand what I say.

Source: Threatpost.com https://bit.ly/2G2BF6C

GitHub Automated Security Scan

GitHub announced that its automated vulnerability scanner found that over 500,000 repositories were using dependencies with known Common Vulnerabilities and Exposures (CVEs).

The dependency scanning is available for Ruby and JavaScript projects.

Source: The Register https://bit.ly/2pG7rjL

Detailed Sources:

Free Web Security Training from HackerOne

Found: 20180320

Netflix Opens Bug Bounty Program to the Public

Found: 20180321

Apple Siri will read out loud hidden messages

Found: 20180322

GitHub Automated Security Scan

Found: 20180323


Image Attributions

This video presentation was created using Content Samurai, and contains images used in accordance with the Creative Commons License. Here are the specific images used and the attribution details that are currently available:

To view images in context