13-year-old hacks Microsoft Teams, rewrites rules for global security program

From interestingengineering.com

Dylan has filed over 20 vulnerabilities, earned a top-three finish at Zero Day Quest, and changed Microsoft’s security policy.

Bug bounty programs attract some of the most skilled engineers in cybersecurity. These are professionals who find their way through enterprise-level software in search of vulnerabilities for recognition, impact, or high payouts.

Photo by Clint Patterson on Unsplash

But Dylan, a high school junior, entered that world at just 13. His first major find, a critical Microsoft Teams vulnerability, didn’t just earn him accolades. It led Microsoft to rewrite the rules of its bug bounty program to allow teenage researchers.

Read more…