Security News

HackerOne: Nearly Half of Security Professionals Believe AI Is Risky
2024-09-20 16:22

The Hacker-Powered Security Report showed mixed feelings toward AI in the security community, with many seeing leaked training data as a threat.

HackerOne paid ethical hackers over $300 million in bug bounties
2023-10-28 15:17

HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. Thirty hackers have earned over a million USD for their submissions, and one has broken the record, receiving over $4 million for his bug reports.

HackerOne: How Artificial Intelligence Is Changing Cyber Threats and Ethical Hacking
2023-07-28 17:47

Security experts from HackerOne and beyond weigh in on malicious prompt engineering and other attacks that could strike through LLMs. HackerOne, a security platform and hacker community forum, hosted a roundtable on Thursday, July 27, about the way generative artificial intelligence will change the practice of cybersecurity. How threat actors take advantage of generative AI. "We have to remember that systems like GPT models don't create new things - what they do is reorient stuff that already exists, stuff it's already been trained on," said Klondike.

HackerOne: How the economy is impacting cybersecurity teams
2023-05-04 20:44

HackerOne published the results of its new study, which reveals that half of the organizations surveyed experienced increased cybersecurity vulnerabilities in the last year as they faced security budget cuts and layoffs. HackerOne's survey shows that security-related economic reductions, such as budget cuts, layoffs and freezes on new hires and investments, are negatively impacting the ability to manage cybersecurity efficiently for 75% of the companies surveyed.

HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
2022-07-06 06:22

Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports submitted to it for personal gain. The employee, who had access to HackerOne systems between April 4 and June 23, 2022, for triaging vulnerability disclosures associated with different customer programs, has since been terminated by the San Francisco-headquartered company as of June 30.

Rogue HackerOne employee steals bug reports to sell on the side
2022-07-02 15:36

A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards. The rogue worker had contacted about half a dozen HackerOne customers and collected bounties "in a handful of disclosures," the company said on Friday.

HackerOne kicks Kaspersky’s bug bounty program off its platform
2022-03-25 16:16

Bug bounty platform HackerOne disabled Kaspersky's bug bounty program on Friday following sanctions imposed on Russia and Belarus after the invasion of Ukraine. Kaspersky also added that its bug bounty program was disabled indefinitely following "unilateral action from HackerOne."

HackerOne apologizes to Ukrainian hackers for mistakenly blocking payouts
2022-03-15 22:35

Today, Chris Evans, the CISO of bug bounty platform HackerOne, apologized to Ukrainian hackers after erroneously blocking their bug bounty payouts following sanctions imposed on Russia and Belarus after the invasion of Ukraine. "Due to current economic sanctions and export controls, if you are based in Ukraine, Russia, or Belarus all communications and transactions have been paused for the time being," an email received by Ukrainian hackers from HackerOne read. The decision to freeze accounts for Ukrainians on the bug bounty platforms was also shared by HackerOne CEO Mårten Mickos via a now-deleted tweet saying that the company would re-route all rewards to UNICEF for all hackers from sanctioned areas.

United Kingdom’s MoD announces the results of its bug bounty program with HackerOne
2021-08-03 22:50

The United Kingdom’s Ministry of Defence (MoD) announced the conclusion of its first bug bounty challenge with HackerOne. The Ministry of Defence program was a 30-day, hacker-powered security test...

HackerOne integrates with GitHub to enable tracking and syncing of high-priority vulnerability reports
2021-06-19 00:00

HackerOne announced a new workflow automation integration with GitHub that enables the tracking and synchronization of high-priority vulnerability reports between HackerOne and GitHub. HackerOne is making its debut on GitHub's Marketplace.