Parrot launches Bug Bounty program to keep its drones secure

Josh Spires -
ParrotDrone CosBug Bounty
Parrot Bug Bounty drones

French drone manufacturer Parrot has announced its new bug bounty program in partnership with the European crowdsourced security platform YesWeHack. The company will have access to the platform’s community of cybersecurity researchers to find any vulnerabilities in its drones, mobile applications, and web services.

Continue Reading

Check Point Researchers find major DJI security vulnerability

Haye Kesteloo -
DJIBug Bounty

Check Point Researchers and DJI shared information about a vulnerability that might have allowed third parties access to DJI users’ data and drone images through the DJI Forum. If the vulnerability were to be exploited, it would have allowed a third party to access to a user’s account, including information such as photos, video footage, flight paths, GPS data, and other information without the user ever realizing his account was hacked. DJI was first notified about this in March of 2018. It has since been patched.

Continue Reading

DJI fires software developers involved in data security breach and responds publicly to Bug Bounty case

Haye Kesteloo -
FeatureDJIBug BountyKevin Finisterre

In a public statement addressing the Bug Bounty case with Kevin Finisterre, DJI also informs us that they’ve fired the software developers, who were involved in the cyber-security breach of the DJI customer data stored on the AWS servers.

DJI does not shy away from making public statements to set the record straight or at least to provide their side of the story. They have done so in the case of the attack on DJI’s Aeroscope. DJI also responded when a drone struck an airplane in Quebec. And now after Kevin Finisterre publicly posted his reasons for walking away from the top bounty of $30k of DJI’s Bug Bounty Program, DJI releases their public statement, in which they point out the actions they have been taking to remedy the issues. One of which was the firing of the software developers who were responsible for data security.

Continue Reading

Security researcher exposes DJI customer data, walks away from $30k bug bounty and posts his story online

Haye Kesteloo -
FeatureDJIBug BountyHackersReseacher

Security researcher Kevin Finisterre recently found a security flaw that allowed him to access personal data from DJI’s customers on servers from the Chinese drone manufacturer. Finisterre used DJI’s recently launched Bug Bounty program to report his findings. This resulted in many emails being sent back and forth between the researcher and the drone company’s legal department about the scope of DJI’s Bug Bounty program and other legalities. In the end, Finisterre felt threatened and concluded he could not sign DJI’s document. He then decided to not only forgo the 30,000 top reward but also to go public with his story in an 18-page PDF titled: “Why I walked away from $30,000 of DJI bounty money.

Continue Reading

Hackers make thousands of dollars through DJI “Bug Bounty” program

Haye Kesteloo -
DJIBug BountyHackers

Late in August DJI launched their “Bug Bounty” program after hackers had been able to bypass DJI’s geo-fencing. Around the same time, the US army stopped using DJI’s products because of ‘cyber vulnerabilities’. Apparently, the program has been quite the success and DJI is now planning to make the first payouts, according to DroneLife. The combined payout is in excess of $30,000 to multiple researchers.

Continue Reading
Google Drive begins rolling out tablet redesign with navigation rail
Google Keep for Wear OS adds watch face complications
Today’s Android game and app deals: Swim Out, Defense Zone 3, Scythe, and more
As the stars align for Microsoft’s Activision deal, here’s how cloud gaming will benefit
Bing’s AI Image Creator is faster with ‘boosts’ earned by committing to Microsoft’s ecosystem
Messaging is no longer Android’s mess, it’s an iPhone problem: Talking RCS with Hiroshi Lockheimer
Google Pixel adding ‘Adaptive Charging’ status notification with one-time off button
9to5Google Log Out: After a year-long Pixel Tablet wait, what’s at stake for Google
Deals: Google Pixel Watch hits $299 low, Bose QuietComfort II earbuds $249, more
Hands on: This Pixel Watch screen protector is basically invisible, and hides scratches