Profit Sheets

Rs 22 lakh bounty from Microsoft for finding bug in Azure cloud system

June 29, 2021 07:08 PM

Rs 22 lakh bounty from Microsoft for finding bug in Azure cloud system
A 20-year-old ethical hacker from Delhi, has won a reward of $30,000 (approximately Rs 22 lakh) for spotting a bug in Microsoft’s Azure cloud system.

Aditi Singh, a 20-year-old ethical hacker from Delhi, has won a reward of $30,000 (approximately Rs 22 lakh) for spotting a bug in Microsoft’s Azure cloud system. Aditi, who found a similar bug in Facebook just two months back and won a bounty of $7500 (approximately over Rs 5.5 lakh), says that both companies had a remote code execution (RCE) bug, which is a relatively new bug and is currently not being paid much attention to.

Through such bugs, hackers can get access to internal systems and the information they hold. Aditi notes that it is not easy spotting bugs and that ethical hackers have to stay on top of their game about new bugs, so they can report about them and still be eligible for their payouts.

Also Read: Indraprastha Gas share rises over 6% post strong Q4 earnings

“Microsoft has only fixed the bug which I spotted two months back. They have not fixed all of them,” says Aditi, who spotted the RCE bug two months back and said that the tech giant took two months to respond as they were checking if anybody had downloaded the insecure version.

Before even starting to find a bug, people should ask the support team of that company and ask if there is a bounty program of that particular company, and once that company confirms that there is such a program, people should go ahead.

Bug bounty Azure cloud system hunters are mostly certified cybersecurity professionals or security researchers who crawl the web and scan the systems for bugs or flaws through which hackers can sneak in and alert the companies. If they are successful, they are rewarded with cash.

Talking about the RCE bug, Aditi noted that the developers wrote the code directly when they should have the first download a Node Package Manager — which is a subsidiary of GitHub where anybody can access the codes from these companies as they are open-sourced. “Developers should write codes only after they have the NPM,”.

Leave a comment

Intraday Tips
Stock Name Open Price Trend Details
Reliance 1930.10 Buy  Click Here
Asian Paints 2577.00 Buy  Click Here
HDFC 2448.00 Buy  Click Here
HDFCAMC 2790.00 Buy  Click Here
TCS 3120.00 Buy  Click Here