Sam Curry Explained
Sam Curry |
Birth Date: | 17 October 1999 |
Birth Place: | Omaha, Nebraska, U.S. |
Nationality: | American |
Occupation: | Hacker, Security researcher |
Sam Curry (born October 17, 1999) is an American ethical hacker, bug bounty hunter, and founder. He is best known for his contributions to web application security through participation in bug bounty programs, most notably finding critical vulnerabilities in 20 different auto manufacturers including Porsche, Mercedes-Benz, Ferrari, and Toyota. In 2018, Curry began working as a security consultant through his company Palisade[1] where he disclosed vulnerability publications for security findings in Apple, Starbucks, Jira, and Tesla.
In 2021, Palisade was acquired by Yuga Labs where Curry currently works as a security engineer. In 2023, Curry was detained and summoned to testify within a Grand Jury by the IRS-CI and DHS on wrongful suspicion of running a high-profile phishing website.
Curry has spoken on ethical hacking, web application security, and vulnerability disclosure at conferences including DEFCON,[2] Black Hat Briefings,[3] Kernelcon,[4] and null.[5]
Biography
Curry grew up in Omaha, Nebraska and attended Elkhorn High School. He began hacking at the age of 12,[6] ethically disclosing vulnerabilities to various vendors over email.[7] At University of Nebraska Omaha, Curry worked with students through the cyber security club NULLify.[8] [9]
Publications and articles
- "Researchers Secure Bug Bounty Payout to Help Raise Funds for Infant’s Surgery". vice.com. Retrieved June 2, 2021.[10]
- "Pega Infinity hotfix released after researchers flag critical authentication bypass vulnerability" portswigger.net. Retrieved June 2, 2021.[11]
- "We Hacked Apple for 3 Months: Here’s What We Found". samcurry.net. Retrieved April 9, 2021.[12]
- "Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty". samcurry.net. Retrieved November 3, 2019.[13]
- "Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More". samcurry.net. Retrieved November 26, 2023. [14]
- "Hackers Could Have Scored Unlimited Airline Miles by Targeting One Platform". wired.com. Retrieved March 23, 2024. [15]
- "Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds". wired.com. Retrieved March 23, 2024. [16]
Notes and References
- Web site: Teen makes six figures hacking Google, Facebook legally. Ganz. Amy. 30 July 2018 . Fox Business. 24 March 2020.
- Web site: The Talks that Define DEF CON 27. 5 August 2019 . Bugcrowd. 24 March 2020.
- News: Inside Black Hat, the world's biggest ethical hacker conference in Las Vegas. Murphy. Margi. Telegraph. 10 August 2019 . 24 March 2020.
- Web site: Kernelcon Speakers. Vidas. Tim. Kernelcon. 24 March 2020.
- Web site: null Dubai Meet 16 March 2023 March Special Meet . 2023-03-24 . null.community.
- Web site: School's out: Meet the teen hackers swapping books for bugs. Haworth. Jessica. 23 April 2019 . Portswigger. 24 March 2020.
- Web site: This 18-year-old's hacking side hustle has earned him $100,000—and it's totally legal. Paul. Kari. MarketWatch. 24 March 2020.
- Web site: NULLify Capture The Flag. Denney. Vanessa. 18 December 2018 . University of Nebraska Omaha. 24 March 2020.
- News: Globally Used Points.com Loyalty System Hacked for Good . www.hackread.com . 4 August 2023.
- Web site: Franceschi-Bicchierai. Lorenzo. Researchers Secure Bug Bounty Payout to Help Raise Funds for Infant's Surgery. vice.com. 2 June 2021.
- Web site: Pritchard. Stephen. Pega Infinity hotfix released after researchers flag critical authentication bypass vulnerability. 10 May 2021 . portswigger.net. 2 June 2021.
- Web site: Curry. Samuel. We Hacked Apple for 3 Months: Here's What We Found. samcurry.net. 3 November 2019.
- Web site: Curry. Samuel. Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty. November 2019 . samcurry.net. 3 November 2019.
- Web site: Curry. Samuel. Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More. November 2019 . samcurry.net. 3 November 2019.
- Web site: Newman. Lily. Hackers Could Have Scored Unlimited Airline Miles by Targeting One Platform. August 2023 . wired.com. 23 March 2024.
- Web site: Greenberg. Andy. Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds. March 2024 . wired.com. 23 March 2024.