US Air Force Hacked for Good at HackerOne’s Bug Bounty Event

Haythem Elmir 6 ans ago
0 1
Read Time2 Minute, 6 Second

106 Security Flaws Identified in Operationally Significant DoD Websites under US Air Force’s Bug Bounty Challenge.

A team of white hat hackers working with HackerOne, a vulnerability coordination and bug bounty platform hosted a bug bounty event in collaboration with the US Air Force to identify bugs and security vulnerabilities in Air Force systems.

This live-hacking event, dubbed as the Hack the Air Force bounty bug challenge 2.0, was the second installment of last year’s bug bounty challenge introduced by the US Air Force (USAF). The first bug bounty challenge was held from 30th May to 2017-23rd June 2017 and around 207 valid security flaws were identified while the event was attended by participants from the US only.

 

At Hack the Air Force 2.0 event, hackers managed to identify 106 valid vulnerabilities in the cyber-security systems of the US Air Force. The department paid $103,883 to successful hackers, which is somewhat lower than what was paid by the Air Force last year, which accumulated to a total of $133,400.

This time the event went global as hackers from 26 countries including UK, Canada, USA, Netherlands, Sweden, Latvia, and Belgium were invited to participate in the event and look for security flaws in the USAF systems and also to fix them. The purpose of the initiation of this program is to improve the security of USAF’s public-facing digital assets.

According to a HackerOne spokesperson, all the identified vulnerabilities are completely new and have never surfaced before. The event started on 9 December 2017 where 24 hackers collaborated with DoD (department of defense) and USAF personnel and around 55 flaws were detected in 9 hours. The event was 20 days long and operated by HackerOne; according to co-founder and CTO of HackerOne, Alex Rice, this is the very first time his firm has worked with Defense personnel “on site” in a live-hacking event.

“We have done the bug bounty programs remotely in the past, which is common and this was the first one to start off with a live event,” Rice told eWeek.

The identified flaws affected over 300 public websites (which were deemed operationally significant by DoD and belonged to the USAF). 55 of these flaws were noticed in December on the very first day while the others were detected later on. The event was held in New York.

To read the original article:

https://www.hackread.com/us-air-force-hacked-at-hackerones-bug-bounty-event/

 

About Post Author

Haythem Elmir

haythem.elmir@keystone.tn
http://ww.cyber.tn
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
100 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%
(Add your review)

Laisser un commentaire

Next Post

Payment Card Breach Hits Some Applebee's Restaurants

lun Mar 5 , 2018
RMH Franchise Holdings revealed on Friday that malware had been found on point-of-sale (PoS) systems at the Applebee’s restaurants it operates as a franchise. RMH disclosed the incident on Friday afternoon, which often indicates an attempt to avoid the news cycle and fly under the radar. The company posted a […]

You May Like