What if you get one Million Frequent Flyer Miles for Free? Affirmative, one Million Air Miles…
…I suppose that will be enough for many excellent journeys to Europe or up to twenty round-trips within the u. S...
Two laptop Hackers have earned over one Million frequent-flyer miles every from United Airlines for locating multiple security vulnerabilities within the Airline's web site.
Back in might this year, Chicago-based 'United Airlines' launched a bug bounty program and invited security researchers and bug hunters to search out and report security vulnerabilities in its websites, software, apps and net portals.
Jordan Wines, a security man of science from FL and one in all 2 bounty winners, tweeted last week that he earned United Airlines' high reward of one Million Miles for locating a flaw that might have allowed a hacker to seize management of 1 of the airline's websites.
Wiens isn't allowed to disclose the technical details concerning the vulnerabilities, however in Associate in Nursing email Interview with The Hacker News, Jordan Wines told that he earned total one,250,000 Million Frequent Flyer Miles underneath United Airlines' Bug bounty program.
One Million Miles for news a significant Remote Code Execution (RCE) vulnerability within the United Airlines web site.
Another 250,000 Frequent Flyer Miles for locating little a lot of vulnerabilities in its web site, together with Associate in nursing info escape bug.
Wiens has conjointly confirmed The Hacker News that the failings he reported to the Airlines were remotely exploitable.
The question here is -- "Could Associate in Nursing of those bugs let an assailant to steal users’ information or has any ability to directly impact the flight system?"
To which, Wines replied, "Unfortunately I {actually have} no plan what I might have finished it as a result of I did not actually exercise the flaw and establish what restrictions might need been enabled server-side."
United interpreter Luke Punzenberger same, "We're assured that our systems area unit secure," and that they have patched all the backdoors into their systems before hackers might notice and exploit them.
In the school World, supporting and running a bug bounty program could be a vital success for on-line security and such initiatives will certainly price the airlines but hiring high-profile consultants.
0 comments :
Post a Comment