52 Hackers get into the US Army system in the last 5 weeks – Disposable mail news

Last year, during October and November, 52 hackers were able to hack the US army. “It only strengthens our security systems as the hackers who hacked our systems did it on ethical principles, as the participants of second ‘Hack the Army’ event that is taking place since the year 2016,” says the spokesperson of the US Department of Defense Defense Digital Service.

In today’s world of cyber attacks and hacking, it is right to assume that inviting hackers to try and invade your system’s security is not safe, not even for the US army. The hackers don’t need a mere invite to hack into any organizations’ cybersecurity. This statement raises a bit of doubt as lately, the US government warned users to update specific Virtual Private Network (VPN), or suffer from persistent cybersecurity attacks. Also, recently, the New York airport and New Orleans city suffered a cyberattack.

But still, there exists a plan in this obvious cyber insanity. ‘Hack Army 2.0’ was a mutual undertaking between the U.S. Army, a bug bounty program called ‘HackerOne,’ and the Defense Digital Service.

What is HackerOne?

In simple words, HackerOne is a platform where various exploits or vulnerabilities can be tested by hackers. This platform has allowed some of its best hackers to win millions of dollars. Surprisingly, one hacker was even able to hack the program itself. This reflects the caliber and potential of the hackers, who register in HackeOne.

Therefore, the whole reason for organizing ‘Hack Army 2.0’ is to find out any threats or vulnerabilities that might affect the security of the US army. This is crucial as it ensures the US army from other unethical hackers and national threats, for instance, Iran.

146 bugs detected, the Army pays $275,000-

The results after this drill revealed that a total number of 60 open US army assets were under the potential threat of hacking. The US army rewarded the hackers a total amount of $274,000 for their efforts. “The assistance of hackers can be helpful for the Army to increase its defense systems exceeding fundamental agreement lists to attain maximum security,” said the spokesperson Alex Romero.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

PayPal Fixes ‘High-Severity’ Password Security Vulnerability – Disposable mail news

Researcher Alex Birsan, while examining PayPal’s main authentication flow– discovered a critical security flaw that hackers could have exploited to access passwords and email addresses of users. He responsibly reported the vulnerability to PayPal on November 18, 2019, via the HackerOne bug bounty platform and received a bug bounty over $15,000 for the issue which was acknowledged by HackerOne after 18 days of its submission and later patched by the company on 11th December 2019. 

The aforementioned bug affected one of the primary and most visited pages amongst all of PayPal’s, which is its ‘login form’ as mentioned by Birsan in the public disclosure of the flaw. 

As Birsan was exploring the main authentication flaw at PayPal, his attention got directed to a javascript file that seemingly contained a cross-site request forgery (CSRF) token along with a session ID. “providing any kind of session data inside a valid javascript file,” the expert told in his blog post, “usually allows it to be retrieved by attackers.” 

“In what is known as a cross-site script inclusion (XSSI) attack, a malicious web page can use an HTML

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.