Uber pays hacker US$9,000 for partner firm's bug

Ransomware protection service opened Lockheed Martin, Adobe data to attackers.

Darren Pauli

Russian penetration tester Vladimir Ivanov has reported a bug in anti-ransomware backup service Code42 that could have seen attackers pilfer data from the likes of Uber, Lockheed Martin, and Adobe.

Ivanov, of SCADA hack house Positive Technologies, reported the since-patched XML external entity vulnerability to Uber, which paid him US$9,000. Code42 doesn’t have a bug bounty program.

To read the entire article, please click here.

Source: theregister.co.uk