Hal Pomeranz · Jun 14, 2022 · 11:55 PM UTC

Hal Pomeranz · Jun 14, 2022 · 11:55 PM UTC

Hal Pomeranz

Hal Pomeranz @hal_pomeranz

14 Jun 2022

$60K bug bounty and thank you Tzah for not selling this on the black market where you likely could have made much more.

Tzah Pahima @TzahPahima

14 Jun 2022

I was able to access thousands of companies’ passwords on #Azure and run code on their VMs. This includes access to Microsoft’s own credentials… 💣 Here’s HOW I did it. This is the story of #SynLapse. (1/11)

Jun 14, 2022 · 11:55 PM UTC

Миша 🇺🇦 @mikecherry.bsky.social · Jun 15, 2022 · 12:12 AM UTC

Миша 🇺🇦 @mikecherry.bsky.social @mikecherry

15 Jun 2022

Replying to @hal_pomeranz

$60k is a lot but seems WAY less than Tzah should have received for this. Companies really need to start paying security researchers and bug bounty hunters a lot more than what they currently do.

Hal Pomeranz · Jun 15, 2022 · 12:29 AM UTC

Hal Pomeranz @hal_pomeranz

15 Jun 2022

Agreed

cireumayn11 · Jun 15, 2022 · 3:33 PM UTC

cireumayn11 @cireumayn111

15 Jun 2022

Replying to @hal_pomeranz

Lol. That doesnot sound right.