Keralite Blogger AKHIL G enters Google Hall Of Fame for Finding An Important Security Issue with Google
AKHIL G, a technology journalist and blogger from Trivandrum, Kerala has entered Google’s Hall Of Fame for finding an important security issue with one of the subdomains of Google.
AKHIL G is an established technology journalist and a widely-read blogger from South India. Recently, he has entered the Google Hall Of Fame. AKHIL found out that with cross-site scripting, he can access a user’s logged-in app sessions and data easily without the user’s permission. To avoid misusing of the critical loophole, he immediately contacted Google and submitted the bug via their Vulnerability Reward Program. A team of security specialists from the tech giant evaluated the severity of the bug and honoured the youngster by including him in the Google Hall Of Fame.
In an interview with SecKrity, AKHIL said, “After months of investigation and hard work, I found out that I can successfully execute cross-site scripting on Google’s www.apigee.com website.”
If you don’t know, Apigee Corp. is a Silicon Valley-based company that provides API management and predictive analytics software. It was founded in 2004 as Sonoa Systems. In 2016, Apigee was acquired by Google in a deal worth $625 million. Now Google is managing this platform. If there is an issue with this platform, it will definitely affect many of the Android apps and services connected with various APIs.
A student of Chemistry at University College, Thiruvananthapuram, Akhil will also be rewarded by Google for his unique finding. The tech giant hasn’t yet revealed the exact reward amount. In addition to security researching, Akhil is a widely-read blogger with over 6 lakh daily unique visitors on his blogs. He runs 4 popular blogs and has 17 staffs across the world including him.
If you don’t know, Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. Across-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.