[News] “Hack the Pentagon”: 100 security flaws already discovered

A fine bug harvest for the hackers eligible to take part in the Hack the Pentagon program: no fewer than 100 vulnerabilities were discovered.

Last March, the US Department of Defense launched its bug research program, “Hack the Pentagon”. Registration for the contest did not open until April. The program, created in partnership with HackerOne, was reserved for hackers who had registered in advance and whose profiles had been checked. They also had to be US citizens. The targets were predefined as well and excluded sensitive areas.

1400 certified hackers took up the challenge between April 12 and May 18, and the harvest was good, said Ashton Carter, Secretary of State for Defence, during a technology forum in Washington. No fewer than 100 flaws were discovered, said the minister, without giving details on these vulnerabilities.

He added that the Defense Ministry plans to pay a bonus of up to $15,000. “Hackers help us strengthen our security at a lower cost,” says Ashton Carter, adding that he prefers “the brilliant work of the white hackers, rather than to be given lessons by pirates.”

Success of the first federal Bug Bounty

This first bug bounty was thus a success for the Pentagon, which embraces its role as a pioneer at the federal level. “Why has nobody else done this at the federal level?” asked Ashton Carter. “There is no good answer to that question,” said the politician, before praising the success of the initiative. The Pentagon has belatedly joined a movement initiated by the giants of Silicon Valley, such as Facebook, Microsoft and Google, firms that have spent millions of dollars rewarding hackers.

Note that in March the Pentagon created the “Defense Innovation Advisory”, in charge of adapting the administration to technological change coming from the private sector. This advisory board is headed by Eric Schmidt, chairman of Alphabet, the parent company of Google. Ashton Carter said in a speech in Washington that other members will join the board, such as the founder of LinkedIn, Reid Hoffman.

[News] The Division: Ubisoft toughens its crackdown

Long criticized for its lax attitude towards cheaters in The Division, Ubisoft has just announced its new policy towards them. After launching an anti-cheating campaign that led to the suspension of 30,000 accounts, including 3800 permanent ones, the publisher has decided to ban cheaters permanently at the first offense. However, the statement specifies that this applies only to those who use cheat software. This should not be the case for exploiting glitches. That said, I would not take the risk.

[News] A troll gives 50,000 dollars on Twitch, PayPal refuses to refund

“He was beaten at his own game”: the expression has never been so apt. A “troll” operating on the video game streaming platform Twitch lost 50,000 dollars playing the donation game.

For a few months, the user called “iNexus_Ninja”, apparently from a rich family, had amused himself by giving large amounts of money to some streamers. He planned to then get refunded so as not to lose his money. His goal was to trigger wild excitement from the streamer and viewers, then a feeling of betrayal and disgust towards the whole of humanity when they saw that it was a fake donation.

The problem: PayPal refused to refund the troll’s donations, so the 50,000 dollars stayed in the hands of the streamers. “iNexus_Ninja” did not choose his victims randomly. All the targeted streamers were well known and popular on the platform, for instance SodaPoppin, LegendaryLea, NosleepTV and Dizzykitten.

He surely didn’t know about the method for making a fake donation without losing money that we explained here!

Normally, getting refunded by PayPal is easy, because there is no real object involved in the transaction. However, the troll was unlucky this time and PayPal refused.

A good lesson for that kind of troll? This kind of donation is quite common on Twitch and makes streamers more and more mistrustful of “big donations”.