"Ethical Hackers Submitted More Bugs to the Pentagon Than Ever Last Year"

According to the Defense Department's Cyber Crime Center (DC3), security researchers reported more vulnerabilities to the Pentagon than ever before in 2019. The Vulnerability Disclosure Program (VDP), created to allow ethical hackers to safely and legally disclose the vulnerabilities that they find in the Pentagon's networks, processed more than 4,000 vulnerability reports with over 2,000 of those reports leading to mitigation activities. Ethical hackers discovered unpatched virtual private network (VPN) endpoints and exploitable content management servers in addition to weaknesses related to the exposure of information to unauthorized outsiders and violations of secure design principles. This article continues to discuss the effectiveness of the DoD VDP, the vulnerabilities disclosed by white hat hackers last year, and other plans for the VDP.

CyberScoop reports "Ethical Hackers Submitted More Bugs to the Pentagon Than Ever Last Year"