Dozens of Vulnerabilities Discovered in DoD's Enterprise Travel System

In less than one month, security researchers participating in the Pentagon's Hack the Defense Travel System program found 65 vulnerabilities. White-hat hackers participating in a US Department of Defense bug bounty initiative recently rooted out 65 unique security vulnerabilities in the Defense Travel System (DTS), an enterprise application used by millions of DoD workers worldwide. In less than one month, more than two dozen of the uncovered flaws — 28 — were flagged as high or critical in severity, according to HackerOne, the entity that managed the initiative for the DoD. The DoD's Hack the DTS (Defense Travel System) contest is part of a broader DoD crowd-sourced bug hunting initiative called Hack the Pentagon. It's the fifth time the DoD has used such a program to try and proactively find vulnerabilities in important systems that its own security organizations might have missed. So far, since its launch in April 2016, the Hack the Pentagon program has helped the DoD find and fix some 3,600 vulnerabilities in total.