Ethical hackers find hundreds of vulnerabilities during latest Air Force bug bounty

[InfoSec News <alerts () infosecnews org>]

https://www.fifthdomain.com/2020/04/15/ethical-hackers-find-hundreds-of-vulnerabilities-during-latest-air-force-bug-bounty/

By Andrew Eversden
Fifth Domain
April 15, 2020

Ethical hackers found more than 460 vulnerabilities in an Air Force platform 
during the most recent iteration of the “Hack the Air Force” program, according 
to a April 15 news release from security research company HackerOne.

Through “Hack the Air Force 4.0,” which ran from Oct. 23 to Nov. 20, 60 
security researchers searched for vulnerabilities in an Air Force virtual data 
center. They ultimately earned a total of $290,000, the highest total given out 
through its bug bounty program so far.

At the in-person event, hackers could search for loopholes in a “specific 
asset” from the U.K. Ministry of Defence, the release said. The event “gave 
hackers the opportunity to collaborate with peers and military personnel to 
discover vulnerabilities," according to HackerOne.

"The U.S. Air Force provides an example of the proven impact of collaborating 
with hackers to bolster security,” said Jon Bottarini, federal technical 
program manager lead at HackerOne. “Through Defense Digital Service, the DoD 
has established an expansive and powerful approach to cybersecurity today, and 
we look forward to bringing this new challenge to the hacker community up for 
the task.”

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_