Technology reporter
BugkraudeSome technology careers provide an opportunity to display their skills in exclusive places around the world, from luxury hotels to Las Vegas e-Sports Arenas, colleagues cheered you, saying that your name takes up the leaderboard and your earnings rack.
But the same Brandin Murtag experienced as Bug Bunty Hunter within its first year.
Mr. Murtag joined gaming and building computers at the age of 10 or 11 years and always knew that “I wanted to work in a hacker or security”.
He began working at a security operating center in 16, and went into admission tests at 20, a job that included the test of physical and computer safety of customers: “I had to make a false identity and break into places and then hack. Quite fun.”
But in the last one year he has become a full -time bug hunter and independent security researchers, which means that he rejects the computer infrastructure of organizations for security weaknesses. And he did not look back.
Internet browser pioneer Netscape is considered as the first technology company to offer cash “reward” to security researchers or hackers to highlight flaws or weaknesses in their products back in the 1990s.
Finally, platforms such as Bagcrov and Hacaron in the US, and in Europe, emerged to add integrity, hackers and organizations, who wanted to test their software and system for security weaknesses.
As the founder KC Ellis, the founder of Bagcroud, is, while hacking is a “morally unknowable skill set”, Bug Hunters have to work within the law.
Platforms such as Bugcrowd bring more discipline in the bug-skir process, allowing companies to set up “scope” which systems they want to target hackers. And they operate those live hacatons where the top bugs compete and collaborate to the “hammering” system, show their skills and potentially earn big money.
Payments for companies using platforms such as Bugcrowd are also clear. Axis OS, Andre Bustart, Global Product Manager at Swedish Network Camera and Monitoring Equipment Firm Axis Communications, said that the weaknesses are inevitable, with a 24 million lines code in their device operating system. “We realized that the second set of eyes is always good.”
He says, “platforms such as Bagkraud means” you can use hackers as a force for good, “he says. Since opening his bug bunty program, Axis has exposed – and has been packed – as more than 30 weaknesses, as Shri Baster, which includes a” very serious “.
BugkraudeSo, this can be an attractive work. Bugcroud’s top earning hacker earned more than $ 1.2M compared to the previous year.
But when millions of hackers are registered on major platforms, Inti de Sekelair, the Chief Hacking Officer of the Integrity, says that the hunting number on a daily or weekly basis is “ten thousand thousands”. Elite tier, who are invited to the flagship live event, will still be smaller.
Mr. Murtag says: “A good month will look like a couple of significant weaknesses, high, a couple of mediums. Some good payment days in an ideal situation.” But he says, “This is not always.”
Nevertheless, with the explosion of AI, bug huntors have the surface of the entire new attack to find out.
Mr. Ellis says that organizations are running to get competitive benefits with technology. And this is usually a safety effect.
“In general, if you apply a new technology quickly and competitively, you are not thinking that it may be wrong.” In addition, they say, AI is not only powerful, but “designed to be used by anyone”.
A security researcher and cyberspace lecturer at Manchester Metropolitan University. Katie Pasteon-Fier states that AI is already the first technique to explode on the scene with a formal without hunting community.
And it has leveled the playground for hackers, Mr. D. Sekelair. Hackers – both moral and not – can exploit technology to speed up and automate their own operations. This is to conduct the reconnaissance to identify weak systems, to analyze the code for defects or suggest possible passwords for breakdown in the system.
But dependence on the large language model of modern AI systems means that language skills and manipulations are an important part of the hacker tool kit, called Mr. D. Sekeleir.
He says that he matched the chatbots on classic police inquiries techniques and prepared them to “crack” them.
Mr. Murtag has described the use of such social engineering techniques on chatbots for retailers: “I will try and cause a request to the chatbot or even trigger myself to give me the order of another user or any other user.”
Getty imagesBut these systems are also unsafe for more “traditional” web app techniques, they say. “I have found some success in an attack called cross site scripting, where you can essentially trick the chatbot to provide a malicious payload that can cause all types of safety implications.”
But the danger does not stop there. Dr. Paxon-fiar says that an over-focus on chatbots and large language models may be distracted by the widespread interrelation of AI-operated systems.
“If you find a vulnerability in a system, where does it eventually appear in every other system?
Dr. Paxon-fiar says that a major AI-related data has not yet been violated, but “I think it’s just a time”.
Meanwhile, the AI industry needs to ensure that she embraces bugs and safety researchers, she says. “The fact is that some companies do not make it so difficult for us to do their work to keep the world safe.”
Meanwhile, there is no possibility of shutting off bug huntors. As Sri D. Sekelair says: “Once a hacker, always a hacker.”
