The rolling hills of Kentucky made a beautiful backdrop for a two-day Car Hacking Bug Bash following DerbyCon earlier this month. This exclusive event pulled in the world’s top car hackers to search for vulnerabilities in cars that might sit in your garage today. These security researchers worked with our customer to find a number of P1 submissions on targets that included physical cars that we had on site. This Bug Bash was unprecedented in its success – giving researchers direct access to the technology and the teams who secure that technology.
That’s a wrap!! Thank you so much to our crew of car hackers and security researchers. Within just a couple of days this group came together, discovered high severity bugs, and made us all that much safer.
Thank you!! ❤️ #BCBugBash Louisville #ItTakesACrowd #OuthackThemAll pic.twitter.com/FAFHT9exnk
— bugcrowd (@Bugcrowd) October 10, 2018
This Louisville Bug Bash drew elite hackers with experiences across car hardware, web and mobile hacking, along with hardware and RF hacking. The combination of experiences and backgrounds led to fun collaboration and teaming between researchers – ultimately leading to some of the most exciting finds of the week. We saw multiple $15,000+ payouts during the event. Bugcrowd plans to do more car hacking events over the coming year.
Sure, you may have hacked before. But have you hacked from the back seat? @mintynet @_specters_ @ Car Hacking #BCBugBash Louisville #ItTakesACrowd #OuthackThemAll pic.twitter.com/IIAzt22Z3Y
— bugcrowd (@Bugcrowd) October 10, 2018
Things are picking up speed at the Car Hacking #BCBugBash Louisville. Our favorite phrase right now: “Watch this!”#OuthackThemAll #ItTakesACrowd pic.twitter.com/FEfrd6JZK4
— bugcrowd (@Bugcrowd) October 9, 2018
Our day started out with a P1 found by @ngocdh! We’ve got a strong partnership between him and @swagnetow
@ Car Hacking #BCBugBash Louisville#ItTakesACrowd #OuthackThemAll pic.twitter.com/8KwyQSttBA
— bugcrowd (@Bugcrowd) October 10, 2018
As with any Bugcrowd event, we brought in cool swag. We unveiled our new Bug Bash swag, including a custom a Bug Bash backpack and hoodie, along with our newest t-shirt design:
Just a few more hours before things kickoff today at #BCBugBash Louisville!
We’ve got @swagnetow here and he brought the exclusive Bug Bash swag pic.twitter.com/lwdAweeMom
— bugcrowd (@Bugcrowd) October 8, 2018
GIVEAWAY
Looking to score the latest @Bugcrowd #swag? Post a pic with you in your favorite Bugcrowd shirt & tag @Bugcrowd for a chance to receive our brand new ‘my other computer…’ T-shirt.
We’ll select the winners Friday afternoon. #OuthackThemAll pic.twitter.com/7OqMOdnSk3
— bugcrowd (@Bugcrowd) October 11, 2018
This is just the start of what’s to come for Bugcrowd Bug Bash events. In the coming months, you will see events in cities across the globe with amazing companies. Our next Bug Bash event is November 3rd at the Cal Poly Cybersecurity Institute. The event will take place in the new IoT Lab – which will be set up as a mini city to replicate a real-world environment for hacking – and will bring together top Bugcrowd researchers and students from Cal Poly’s White Hat club for a full day hackathon to surface vulnerabilities on a number of Arlo products, including Arlo Pro 2, Arlo Security Lights, Arlo Baby, and more.
Interested in earning an invite to a Bug Bash? We will have more information about how to get involved in the future – in the meantime, we have great resources for researchers, links to various public Bugcrowd programs, and Bugcrowd University. Stay tuned…