eLearnSecurity students, want to get 1 million air miles? Go get yourself a reward with United Airlines Bug Bounty Program!
American airline company, United Airlines, launched a bug bounty program (a first in the airline industry) rewarding information security researchers as much as 1 million air miles for finding high-critical vulnerabilities in their websites, applications or online portals.
A security flaw was discovered in the Hilton.com website that allowed an attacker to gain access to a client’s account simply by knowing or guessing the account number. Bansec security firm found the flaw at the Hilton HHonors page wherein an attacker could hijack any other account just by changing the site’s HTML content to reflect the other account number, then reloading the page.