United Hackers Given a Million Free Air Miles

Uploaded on 2015-07-24 in FREE TO VIEW, NEWS-Cybersecurity News

united-airlines-570x250.jpg

US airline United has rewarded two hackers who spotted security holes in its website with a million free flight miles each. The flight provider operates a "bug bounty" scheme that rewards hackers for privately disclosing security flaws rather than sharing them online.
It has given the maximum reward of a million flight miles, worth dozens of trips, to two people. One security expert said the scheme was a big step forward for online security. "Schemes like this reward hackers for finding and disclosing problems in the right way. That makes the internet safer for all of us," said security consultant Dr Jessica Barker.
In return for receiving their flight rewards, hackers are forbidden from revealing the nature of the security holes they discovered.
"We believe that this program will further bolster our security and allow us to continue to provide excellent service," United said on its website.
The idea of responsible disclosure, reporting issues and giving companies time to fix them, is not new. Big technology companies such as Yahoo, Google and Facebook offer hackers cash incentives to report bugs privately.
BBC: http://bbc.in/1e4waFn

« UK Government £1m scheme for SMEs to Fight Cyber Attacks
Public-Private Partnerships in the Cyber Domain »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Exodus Intelligence

Exodus Intelligence

Exodus Intelligence are an industry leading provider of exclusive zero-day vulnerability intelligence, exploits, defensive guidance, and vulnerability research trends.

softScheck

softScheck

softScheck is an IT security consultancy. Services range from pentesting and compliance testing to security auditing of software and IT infrastructure.

Telspace Systems

Telspace Systems

Telspace Systems provides penetration testing, vulnerability assessment and training services.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

IQ Solutions

IQ Solutions

IQ Solutions is a Digital Integrator and an ICT Services Provider, focusing on innovative Cyber Secured ICT managed solutions tailored to the needs of the Maritime Industry.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

AVANTEC

AVANTEC

AVANTEC is the leading Swiss provider of IT security solutions in the areas of cloud, content, network and endpoint security.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

CrowdSec

CrowdSec

CrowdSec is an open-source & participative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks.

Advantage

Advantage

Advantage exists to provide peace of mind in an evolving technology reliant world. We were created by visionaries who for nearly 4-decades have been passionate about providing world-class solutions.

Data Protection Commission (DPC)

Data Protection Commission (DPC)

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected.

ZINAD IT

ZINAD IT

ZINAD is an information security company offering state-of-the-art cybersecurity awareness products, solutions and services.

Cyber Security Certification Australia (CSCAU)

Cyber Security Certification Australia (CSCAU)

CSCAU is the world’s first 'for mission' industry council set up to address small and medium-sized business (SMB) cyber resilience through annually updated certifiable standards.

EVVO LABS

EVVO LABS

EVVO Labs empower your business with the latest IT capabilities to get you ahead of your competitors. We are experts at converging technologies to build your digital transformation.

Nexsan

Nexsan

Nexsan offers versatile and robust data storage solutions tailored to adapt seamlessly across a diverse range of sectors, ensuring reliable performance for critical data management.