At the conference, representatives from these companies discussed the benefits of bug bounty programs, including improved vulnerability detection and the fostering of a collaborative security community. This emphasis on bug bounties reflects a broader shift towards more cooperative and transparent approaches to security research and vulnerability management.
Case examples
In 2015, the duo demonstrated a remote exploit that required no physical access to the vehicle. Using a cellular connection (Sprint’s network), they exploited the Uconnect system to send CAN bus commands directly to the engine, brakes, and steering wheel. blackhat.2015