MY BRAND BOOK Google rewards Rs 18 lakh to Indian hackers for discovering a bug

Google rewards Rs 18 lakh to Indian hackers for discovering a bug

By MYBRANDBOOK

Two Indian hackers got a whopping $22,000, for spotting a security flaw in Google’s cloud program projects. They spotted a major server-side request forgery bug and subsequent patch bypass. The bug they found could have allowed someone to take control of someone else’s virtual machine with just one click.

The two hackers Sreeram KL and Sivanesh Ashok said that they were new to this platform and while they were exploring it, they found a problem in one of the features called “SSH-in-browser”. One of the hackers, Sivanesh Ashok said, “Since this was our first step into Google Cloud, we naturally stumbled upon one of the most popular products, Compute Engine. While exploring its features and how it works, I noticed SSH-in-browser. It is a feature in GCP that lets users access their compute instances, through SSH, via the browser. Visually, this interface looks very similar to Cloud Shell.”

The feature allows users to access their computer instances like a virtual machine through their web browser, using a protocol called SSH. After reporting this flaw, Google fixed the issue by adding a security feature called cross-site request forgery (CSRF) protection to the GET endpoints and improving the verification process of the domain.

The two hackers also spotted a bug in another Google cloud platform “Theia”, in which they found that the version of Theia they were using was not the latest one. They looked for vulnerabilities in this version and found multiple ones, but not all of them could be used to exploit the system. Some of them were removed from the installation or required unrealistic user interactions, such as uploading a file and then opening it, which made it difficult to exploit the system.

BREAKING NEWS

Amazon created a shell company to obtain intelligence on competit...

According to a report, for a number of years, Amazon ran a shell company ...

Apple's eco-friendly initiatives result in a 22% reduction in car...

The adoption of cleaner energy sources by Apple's suppliers is largely re...

Tata discusses plans to buy Pegatron’s iPhone operations...

Tata Group is in talks to strike a deal to take control of Pegatron Corp....

RBI Releases Draft Guidelines on Payment Aggregator...

In an effort to improve rules on payment aggregators and strengthen the pa...

TECHNO TRENDS

Download masked Aadhaar to improve privacy

Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...

Sterlite Technologies' Rs 145 crore claim against BSNL rejecte

An arbitrator has rejected broadband technology company Sterlite Technolog...

ID-REDACT® ensures full compliance with the DPDP Act for Indi

Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...

Happiest Minds brings in an innovative GenAI chatbot

Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...

E-Magazine

TECHNOTAINMENT

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

Salman Khan trolled for singing with B Praak at Anant Ambani's

To celebrate Mukesh Ambani's youngest son Anant Ambani’s 29th birthday

Disney+ Hotstar wins the Best OTT Platform of the year

Film Critics Guild and Group M Motion Entertainment, in collaboration with

MOVERS & SHAKERS

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

SISL elevates Ankita Wadhawan as CEO—End User Computing

The IT service provider, SISL in a LinkedIn post announced the elevation

InfoVision appoints Radhika Venkatraman to its Advisory Board

Global digital services company, InfoVision has announced the appointment

OPEN YOUR EYES

India is moving towards the path of self-reliance

India's IT industry has moved nearly two thirds of its 4.36 million workforces to work from home

Cyber Security, AI/ML & Public Cloud Top Priorities for CIOs

Manufacturing sector will be the next growth engine for Indian Economics

Waiting For A Cybersecurity disaster to happen

INTERVIEWS

ETEK building a cybersecurity aware community

Forcepoint positions itself as a trusted protector of sensitiv

To help SMEs and SMBs use the SASE/SSE framework and scale both in terms of

ESDS commits to presenting clients with the latest technology

According to a NASSCOM report, the Indian IT industry experienced its stron

HOT PICK

Dell Technologies launches new AI-powered commercial PC portfo

Canon India Introduces 4K Remote PTZ Camera Controller & 4K In

Canon India, a leading company in digital imaging solutions, further solidi

Dell Technologies launches the new consumer and gaming portfol

Dell Technologies has unveiled its newest line of AI-enabled consumer PCs

MAKE IN INDIA BRANDS

LUMINOUS POWER TECHNOLOGIES PVT. LTD.

TAC SECURITY SOLUTIONS

HIMACHAL FUTURISTIC COMMUNICATIONS LTD.

TALLY SOLUTIONS PVT. LTD.

EMINENT CIO'S OF INDIA

Winning customer satisfaction with digital experience

Ultimately, winning the trust of customers involve...

Automation-based technological advancements has made the difference in the industry

Jyothy Labs is a FMCG company and has been synonym...

Digital Ecosystem discovering new avenues of working

Although we have limited foot-print of direct cust...

ICONS OF INDIA

Technology Icons Of India 2023: Sunil Gupta

Sunil Gupta is the Co-founder, Managing Partner & CEO of Yotta Infrast...

Technology Icons Of India 2023: Ritesh Agarwal

Ritesh Agarwal Founder & CEO of OYO Hotels & Homes-World’s fastest g...

Technology Icons Of India 2023: Lt Gen (Dr.) Rajesh Pant (Retd.)

LT Gen(Dr.) Rajesh Panth (Retd.), National cyber security coordination...

PARTNER SPEAKERS

Value Point equipping enterprises to stay abreast in the rapidly shifting landscape with necessary tools

In the modern world, technology is undeniably the keystone of business success...

Iris Global Services prides itself in prioritizing customer’s needs and overcoming IT challenges

Considering India’s fast-growing economy, the future of the Indian IT indust...

BM Infotrade prioritising digital transformation and CX, while fostering innovation and agility

Undoubtedly people tend to resist the change and find it difficult to adapt to...

PSU

PGCIL transforming India with its wide power transmission network

Engaged in power transmission, POWERGRID or PGCIL is a stated owned In...

EESL encouraging e-mobility adoption across India

Energy Efficiency Services Limited (EESL) is a Super Energy Service Co...

BSE provides highly secure, efficient and transparent market for trading

BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...

VIDEOS

Top 25 Brands

Most Trusted Brands 2023 : LTImindtree

LTIMindtree is a global technology consulting and digital solutions company t...

Most Trusted Brands 2023 : Reliance Jio Infocomm Limited

Jio’s vision is to transform India with the power of digital revolution, to...

Most Trusted Brands 2023 : Intel Technology India Pvt. Ltd.

Intel has unique assets and a strong, open ecosystem that gives Intel a compe...

Value-Added Distribution

SAVEX TECHNOLOGIES PVT. LTD.

Savex Technologies is the 3rd largest Information & Communication Tec...

IVALUE INFOSOLUTIONS PVT. LTD.

: iValue Info Solutions is a value added distributor, provides solutio...

R P TECH INDIA

R P Tech is recognized for its diverse products portfolio, value-add...

ITFORUM 2024

WIITF 2024

CMO of the Year

WOMEN LEADERSHIP

EMINENT CIO's OF INDIA

TRENDS IN TECHNOLOGY