2 min Security

Dropbox detects 264 vulnerabilities during one-day bug bounty program

Dropbox detects 264 vulnerabilities during one-day bug bounty program

Dropbox discovered 264 vulnerabilities after a one-day bug hunt in Singapore, where hackers from ten countries were looking for errors. The day was organized by bug bounty platform HackerOne. 45 members of the company from Japan, India, Australia, Hong Kong and Sweden, among others, met to attempt to enter Dropbox systems.

Dropbox had announced parts of its ‘attack’ range a few days earlier, writes ZDNet. As a result, HackerOne members had already identified and reported dozens of potential errors before the live event began. According to the company, the focus of the event was on Dropbox and its recent acquisition of HelloSign.

A Dropbox spokesperson states that it has a “well-defined process” for viewing bugs reported through such initiatives, as well as for determining the severity of the fault and the required solutions. It also advises all companies to “invest in a bug bounty program”.

$319,300

The company claims to be investing heavily in building its own security team and teaching its employees best practices in security and the current threat landscape. As a result, everyone within the organisation must be able to better arm themselves against attacks such as spear-phishing and social engineering, according to the spokesperson.

However, the spokesman did not want to say how many hack attempts Dropbox detects and blocks per day. However, he states that the global user base of 500 million means that the challenges it faces are experienced by just a few companies worldwide.

HackerOne has already developed more than 1,300 such programs since it was founded in 2012. It has thus paid a total of more than 49 million dollars to its hackers. There are currently 390,000 registered hackers in the organisation’s network. With the live event at which Dropbox was hacked, the organization raised $319,300 in bounties.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.