U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

2 HackerOne members received each over $1M via Bug programs

Bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by participating bug bounty programs. Bug bounty programs could be a profitable activity, the popular bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by helping companies in discovering flaws […]

bug bounty

Bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by participating bug bounty programs.

Bug bounty programs could be a profitable activity, the popular bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by helping companies in discovering flaws in their systems.

Of course, we are speaking of two white hat hackers that dedicate their time to finding vulnerabilities.

HackerOne on Friday published the 2019 Hacker Report, which provides interesting info on its bug bounty programs. Over 300,000 white hat hackers have registered on the platform that awarded over $42 million in bounties for more than 100,000 vulnerabilities.

The Hacker Report details the more than 300,000 individuals that represent our hacker community today.” reads the report.

“$19 million in customer bounties earned in 2018 represent nearly the bounty totals for all preceding years combined. At the end of 2018, hackers had earned more than $42 million for valid results.”

The first white hat hacker that was able to earn over $1 million through HackerOne programs was Santiago Lopez from Argentina. Lopez is a
19-year-old hacker goes online with the moniker ‘try_to_hack,’ is a member of the HackerOne platform since 2015. The young hacker has already discovered thousands of vulnerabilities through the platform, including flaws in Twitter and Verizon Media services.

“Like many hackers, Lopez is self-taught. He was first inspired to get started after seeing the movie Hackers and learned to hack by watching free online tutorials and reading popular blogs. In 2015, at 16-years-old, he signed up for HackerOne and earned his first bounty of $50 months later. He chose his alias “try_to_hack” to keep himself motivated — he was determined to try to hack companies regardless of whether he knew he could succeed. He keeps the name today to remind him of how he started as a bug bounty hacker.” reads a post published by the Associated Press.

“Over the past three years of hacking after school and now full-time, he has earned nearly forty times the average software engineer salary in Buenos Aires on bug bounties alone.”

The second white hat hacker who made the headlines earning over $1 million is Mark Litchfield, which goes online with the moniker ‘mlitchfield.’ Litchfield discovered hundreds of vulnerabilities in the software from major firms, including Dropbox, Yelp, Venmo, Starbucks, Shopify and Rockstar Games.

Among the most interesting surprises emerged in the report is the increase of the members of from African countries.

bug bounty

Most of the hackers are under the age of 35 and 81% claim to have learned to hack on their own

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Bug bounty, HackerOne)

[adrotate banner=”5″]

[adrotate banner=”13″]