Saturday, October 16, 2021

Hack the Army Bug Bounty Program Launched to find US Army Vulnerabilities

Must Read

Suspected Attackers Steal FireEye Red Team Tools

Security giant FireEye has been on the receiving end of a complex, publication attack from state actors searching for...

NetWire and Remcos Trojan targeted US taxpayers

Investigators have analyzed an effective campaign targeted by US taxpayers to distribute both NetWire and Remcos Trojans.The tax season...

Singapore is strengthening guidelines for the financial services sector

The revised technical risk management guidelines include financial institutional directives to use “strong oversight” of arrangements with third-party service...

The Defense Digital Service (DDS) and HackerOne have announced the launch of a new bug bounty program, in which participants will attempt to uncover vulnerabilities in the US Army’s digital systems.

Bug bounty competition offers financial rewards for finding security vulnerabilities. so they can be fixed before malicious hackers find them.

This will be the 11th bug bounty program to take place between the DDS and HackerOne, and the third with the US Department of the Army, offering the chance for military and civilian participants to discover vulnerabilities in exchange for monetary rewards.

It will run from January 6 to February 17, 2021, and is named Hack the Army 3.0.

Hackers are being invited to uncover cybersecurity vulnerabilities in the computer systems used by the US military as part of the ‘Hack the Army’ bug county challenge.

Participation is by invitation only to civilian hackers and members of the US military, with bug bounties offered only to civilian hackers when valid security vulnerabilities are found according to the program policy.

The aim is for cybersecurity researchers to uncover and disclose security vulnerabilities in army systems so they can be resolved before they are discovered and exploited by malicious hackers. Civilian hackers who successfully discover valid security bugs could receive a financial reward.

“Bug bounty programs are a unique and effective force multiplier for safeguarding critical Army networks, systems and data, and build on the efforts of our Army and DoD security professionals,” said Brigadier General Adam C. Volant, U.S. Army Cyber Command Director of Operations.

“By crowdsourcing solutions with the help of the world’s best military and civilian ethical hackers, we complement our existing security measures and provide an additional means to identify and fix vulnerabilities. Hack the Army 3.0 builds upon the successes and lessons of our prior bug bounty programs,” he added.

“We are proud of our continued partnership with the Army to challenge the status quo in strengthening the security of military systems and shifting government culture by engaging ethical hackers to address vulnerabilities,” said Brett Goldstein, director of the Defense Digital Service. 

DDS has made extensive use of bug bounty challenges of this nature to improve the security systems of US government departments.

Since Hack the Pentagon was launched back in 2016, it has executed 14 public bounties on external-facing websites and applications in addition to 10 private bounties on sensitive internal systems in the US Department of Defense. These include Hack the Pentagon, Hack the Defense Travel System, and Hack the Air Force.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This