More than 100 bugs discovered in US Homeland Security systems

Some were deemed critical

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

More than 100 bugs have been discovered in the systems of the US Department of Homeland Security (DHS), some of which were deemed critical.

As reported byThe Register, the government organization recently kicked off its “Hack DHS” program, a three-phase event with the goal of tightening upnetwork security.

The first phase was about discovering vulnerabilities on DHSendpoints, and the hackathon participants duly delivered. A total of 450 security researchers took part in the event, and managed to discover 122 vulnerabilities in DHS systems (27 of which were described as critical).

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

DHS Hackathon

The government has awarded researchers a total of $125,600 so far for the discoveries, with more funding for bug bounties apparently on the way.

“The enthusiastic participation by the security researcher community during the first phase of Hack DHS enabled us to find and remediate critical vulnerabilities before they could be exploited,” said Eric Hysen, DHS Chief Information Officer, in a statement.

This event concludes the first of the three phases of the program. In the second phase, security researchers vetted by the department will participate in a live, in-person hacking event, and the third phase will be about establishing important takeaways from the first two phases.

Google says 2021 was a record year for zero-day hacks>This dangerous Windows zero-day lets you instantly become an admin>This nasty Windows 10 zero-day vulnerability finally has an unofficial fix

“Hack DHS underscores our department’s commitment to lead by example and protect our nation’s networks and infrastructure from evolving cybersecurity threats,” Secretary of Homeland Security Alejandro Mayorkas said in a statement.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Schemes like the recent hackathon allow organizations to identify vulnerabilities they were previously unaware of, thereby guarding against zero-day exploits.

Google’s in-house security team recently warned that zero-day security threats are becoming a bigger risk than ever before. In its annual round-up of the zero-day threat landscape, the Google Project Zero team noted that 58 distinct threats were identified in 2021, the biggest number seen since it began investigating back in 2014.

Zero-days are usually exploited to distributemalwareorransomwareonto target devices.

ViaThe Register

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case