Bug Bounty's posts - Thai uPOST

General Motors Is Expanding Its Bug Bounty Program General Motors Is Expanding Its Bug Bounty Program

A security researcher recently notified General Motors that they had found a way to circumvent data limits on the OnStar wi-fi hotspot systems included in many of its vehicles, grabbing unlimited free wi-fi access. The flaw was reported through GM’s 2-year-old vulnerability disclosure program and was patched within a…

Bug Made It Possible to Take Over Tinder Accounts with Just a Phone Number Bug Made It Possible to Take Over Tinder Accounts with Just a Phone Number

Vulnerabilities in Tinder and in Facebook’s Account Kit tool could have allowed a hacker to take over a user’s Tinder account—gaining access to their private messages—using only the victim’s phone number.

No One Looks Good in Uber's Bug Bounty Fight No One Looks Good in Uber's Bug Bounty Fight

This weekend, a security consultant detailed what he believed were serious vulnerabilities in Uber’s software—and his disbelief that the company’s bug bounty program refused to pay him for his research. Unfortunately, it’s a story without heroes.

Air Force Hackers Earn Biggest Government Bug Bounty Ever Air Force Hackers Earn Biggest Government Bug Bounty Ever

A pair of hackers discovered a vulnerability in Air Force software that allowed them to gain access to the Department of Defense’s unclassified network—a find that earned them more than $10,000, the largest payout ever in a government bug bounty program.

Relatable Uber Hacker Was Just Trying to Pay His Bills Relatable Uber Hacker Was Just Trying to Pay His Bills

Uber revealed last month that it paid a hacker $100,000 to keep quiet about the fact that he stole personal data on 57 million users. Now, details about the hacker’s identity are starting to come out—he is a 20-year-old from Florida who lives with his mother and wanted to help pay the bills, Reuters reports.

DJI Rewarded Bug Bounty Discovery With Legal Threats, Developer Claims DJI Rewarded Bug Bounty Discovery With Legal Threats, Developer Claims

Bug bounty programs are indispensable tools for finding security vulnerabilities and are used by major tech companies like Google and Microsoft. Following an order from the US Army for personnel to stop using DJI drones due to security issues, the company launched its own bug bounty program. Now, one researcher says…

Internet Mob Descends Upon Facebook Page of Company That Snitched on Innocent Hacker Internet Mob Descends Upon Facebook Page of Company That Snitched on Innocent Hacker

If you’re looking for a lesson in how not to respond to bug reports, look no further than Budapest, where the city’s public transit system is getting savaged on Facebook for snitching on a security researcher who discovered a flaw in its online ticketing site.

Researcher Found Another Twitter Vulnerability That Allowed Tweeting From Any Account Researcher Found Another Twitter Vulnerability That Allowed Tweeting From Any Account

A bug in a Twitter product could have allowed attackers to send tweets from any account and delete photos and videos from published tweets, according to a recent blog post by the security researcher who discovered it. It’s the second broad vulnerability in the product, called Studio, that’s come to light recently,…

Finding the Next iPhone Hack Could Net You $1.5 Million Finding the Next iPhone Hack Could Net You $1.5 Million

Cracking the iPhone might be harder to do these days, but that only makes it more valuable. On Thursday, exploit vendor Zerodium announced they were tripling their bounty for a zero-day hack of Apple’s iOS 10, offering a new maximum payout of $1.5 million.

Pokémon Go Desperately Needs a Bug Bounty System Pokémon Go Desperately Needs a Bug Bounty System

This past weekend, many Pokemon Go gyms were rendered unplayable. Players trying to battle at sites like Big Ben were greeted not by a ‘mon but by an egg that glitched the game, protecting these gyms from being defeated. Eggs appeared in New York City, London, and elsewhere—and almost all of them were placed there by…

A 10-Year-Old Hacked Instagram A 10-Year-Old Hacked Instagram

Some kids save up allowance money to buy a afford a new bike. Jani, a 10-year-old Finnish boy, decided to hack Instagram, and now he’s $10,000 richer.

The Pentagon's Rewards Program for Hackers Has a Bizarre Loophole The Pentagon's Rewards Program for Hackers Has a Bizarre Loophole

The Department of Defense launched a new program last week, “Hack the Pentagon,” to reward hackers for pointing out security flaws in some of its public-facing websites. It’s a bug bounty, the same kind of program that most big tech firms use to encourage hackers to help instead of harm. The program budget is…

Company Offers $1 Million for iOS Hack, Will Probably Sell It to the NSA Company Offers $1 Million for iOS Hack, Will Probably Sell It to the NSA

A cleverly-named security company has a clever idea. Zerodium will pay you $1 million if you find a zero-day exploit in iOS 9. Then, if history is any indicator, it will turn around and sell that intelligence to a despotic regime like the NSA.

United Can't Even Be Bothered To Pay Money For Finding Security Bugs United Can't Even Be Bothered To Pay Money For Finding Security Bugs

Bug bounty programs are pretty common among tech firms: the likes of Facebook and Google (although notably not Apple) will offer you hundreds of thousands of dollars in order for exposing security flaws in their products. It’s a good system, and one United Airlines wants to use: just without offering cold, hard cash.

Some Guy Figured Out How to Delete Every Photo on Facebook

A security researcher recently made a seriously startling discovery. With just four lines of code, he says he could delete any photo album on Facebook. Zuck's wedding photos? Zap. Your high school graduation album? Lost forever. Lucky for you, he decided to report the bug to Facebook, which promptly cut him a check.

Language