In a bid to compensate security researchers for disclosing existing flaws and to also safeguard their system, giant tech companies like Google and Facebook uses the bug bounty program. Where many hackers are empowered with thousands of dollars.
Reports released last year, by Google, shows that hackers were rewarded $3 million throughout 2016. Now, the latest on the list is a Uruguayan student who was rewarded with $10,000 for discovering a vulnerability in Google.
According to Ezequiel Pereira, he was playing with Google services using a web security testing tool known as Burp Suite when he found the vulnerability. Afer many failed attempts, he discovered that the internal web page of yaqs.googleplex.com, which hosts several Google App Engine applications, didn’t have the username or password check in place.
Google’s security team confirmed the efficasy of the reported bug. However, the vulnerability has been resolved. Meanwhile, screenshots of the email exchanges with Google’s security team was shared by Ezequiel the same day. Also saying he was very surprised when he received $10,000 from Google team for his work after a month.
Reports released last year, by Google, shows that hackers were rewarded $3 million throughout 2016. Now, the latest on the list is a Uruguayan student who was rewarded with $10,000 for discovering a vulnerability in Google.
According to Ezequiel Pereira, he was playing with Google services using a web security testing tool known as Burp Suite when he found the vulnerability. Afer many failed attempts, he discovered that the internal web page of yaqs.googleplex.com, which hosts several Google App Engine applications, didn’t have the username or password check in place.
“The website’s homepage redirected me to “/eng”, and that page was pretty interesting, it had many links to different sections about Google services and infrastructure, but before I visited any section, I read something in the footer: “Google ConfidentialEzequiel Pereira wrote.
“At that point I stopped poking at the website and reported the issue right away, without even thinking of a better way to show the vulnerability than with Burp.”
Google’s security team confirmed the efficasy of the reported bug. However, the vulnerability has been resolved. Meanwhile, screenshots of the email exchanges with Google’s security team was shared by Ezequiel the same day. Also saying he was very surprised when he received $10,000 from Google team for his work after a month.
Copy the link below and Share with your Friends:
About EntblogBlogindoor.com Is A Top Tech Blog That Provides Free And Cheap Browsing Cheats On Mtn, Etisalat, 9mobile, Glo And Airtel, Latest Phone And PC Updates, Tweaking Guides And Tech News.
No comments:
Post a Comment