Microsoft rewards hacker with grand prize of around 1.1 crore ($200,000)


Microsoft recently organized the Blue Hat security contest and awarded a hefty grand prize of $200,000 (approximately 1.1 crore Indian rupees) to the winning contestant. The prize was bagged by Vasilis Pappas, a Ph.D. student from Columbia University. He was handed the cheque in an American Idol-style contest with loud music and confetti, reports Business Insider. Microsoft gave away $260,000 in all in prizes at the contest. Two other contestants, Ivan Fratric, a researcher at the University of Zagreb in Croatia, and Jared DeMott, a security researcher for Harris Corp, won $50,000 and $10,000 respectively.



Contestants were required to submit ideas for solving a complicated security problem based on Return-Oriented Programming (ROP). ROP is a hacking technique usually used to disable or circumvent a program's computer security controls. In all, twenty people submitted ideas for the contest. Pappas came up with a solution called 'kBouncer', which blocks anything that resembles an ROP attack from running. He did so without getting into any technical details. Reportedly, it has become popular these days to pay security researchers 'bounties'. But what's cool about the Blue Hat contest is that it paid the researcher for actually coming up with a fix to a problem.

Recently, many big companies have lost user trust and user information because their websites were hacked. So, as major businesses go online, the importance of online security is increasing by the day. The most recent incident was when Nvidia revealed that unauthorized third parties had gained access to user information such as usernames, email addresses, hashed passwords with random salt values, and public-facing "About Me" profile information from its forum. The Nvidia forum hack followed the recent LinkedIn and Yahoo! hacks. Earlier, 6.5 million LinkedIn hashed passwords were stolen and subsequently published on unauthorized websites. Lax security by LinkedIn was blamed for the hack. Security experts had pointed out that LinkedIn has neither a Chief Information Officer (CIO) nor a Chief Information Security Officer (CISO) whose job is to monitor breaches. Furthermore, there are no penalties for companies that are responsible for breaches of customers' data. In fact, after the LinkedIn password breach, the company's stock rose. Moreover, LinkedIn wasn't a new start-up. It rakes in the moolah by helping companies hire top talent, and it held its initial public offering last year.

Hackers belonging to a hacking collective called D33Ds Company had retrieved and dumped login details of more than 400,000 Yahoo! Voice user accounts in plain text. The hackers used a union-based SQL injection attack to get the information stored in the database. Reporting on the issue, Ars Technica's Dan Goodin wrote that the union-based SQL injection hacking technique used here affects inadequately secured web applications that do not "properly scrutinize text entered into search boxes and other user input fields". He added, "By injecting powerful database commands into them, attackers can trick back-end servers into dumping huge amounts of sensitive information". Earlier, the music website Lastfm.com and the dating website eHarmony were also attacked.
