NewDonate for Education

Select City
Login

Find New Phone
Buy Accessories
More
0 Device Added
close

35 Tech Companies Including Microsoft, Netflix, and Apple Attacked By Hackers

Share:facebookinstagramwhatsapp
By Yeti - 
12th Feb 2021
35 Tech Companies Including Microsoft, Netflix, and Apple Attacked By Hackers

A security researcher going by the name of Alex Birsan successfully ran codes on servers of 35 major tech companies.

Microsoft, Google, Apple, Tesla, PayPal, and others are some of the companies the hacker got access to.

According to the website Bleeping Computer, the cybersecurity expert made use of exploits that allowed him to run codes on the servers. The security vulnerability is termed as a novel software supply chain attack.

I feel that it is important to make it clear that every single organization targeted during this research has provided permission to have its security tested, either through public bug bounty programs or through private agreements. Please do not attempt this kind of test without authorization.

– Alex Birsan said in the report
35 Tech Companies Including Microsoft, Netflix, and Apple Attacked By Hackers

Also Read: Vivo S9 5G Spotted on 3C Certification

Bug Bounty Rewards

Birsan is an approved security expert and is one of the bug bounty hunters in the industry. He has garnered more than $130,000 from this exploit.

The biggest bug bounty he earned came from Microsoft, who awarded him $40,000. Known as CVE-2021-24105, Microsoft has released a white paper covering the issue.

On the other hand, Paypal has paid Birsan $30,000 as the bounty amount. Apple also acknowledged the bug and said they will reward the researcher shortly.

I believe that finding new and clever ways to leak internal package names will expose even more vulnerable systems, and looking into alternate programming languages and repositories to target will reveal some additional attack surface for dependency confusion bugs.

Alex Birsan in his blog post.

Also Read: Xiaomi Mi 10i and Mi 10T: How The Two Phones Compare

The novel software chain attack involved uploading malicious code on open-source repositories. The users don’t need to do anything on their side since the code is delivered via update automatically.

This is quite alarming if we take into consideration that almost all companies make use of open-source repositories.



Comments

Featured Videos

You May Also Read

Realme Mobile Price List In India
Realme Mobile Price List In India
Realme has become one of the best-emerging smartphone brands in India. With so many smartphones in its portfolio, it often becomes confusing for buyers to decide which one to buy. No problem, we have compiled Realme mobiles price list 2020 for you with the aid of which you can easily do a Realme price comparison…

New Launches

Samsung Galaxy M42 5G
Samsung Galaxy M42 5G
Starting from:
₹21,999
OPPO A74 5G
OPPO A74 5G
Starting from:
₹17,990
iQOO 7 Legend 5G
iQOO 7 Legend 5G
Starting from:
₹39,990
Vivo V21 5G
Vivo V21 5G
Starting from:
₹29,990