Search results for: bug bounties

Chrome 22 released, researchers awarded $30K in bug bounties

Chrome v22 has been released, and with it over 40 vulnerabilities – 15 of which high-severity – have been closed. Google’s reward program for the responsible disclosure of vulnerabilities in the company’s assets is obviously a great success for Google, but also for independent vulnerability hunters such as Sergey Glazunov, who has been one of the graters contributors since the start of the bug bounty program in 2010. This time he managed to earn himself … More

Interview with Joe Sullivan, CSO at Facebook

Joe Sullivan is the Chief Security Officer at Facebook, where he manages a small part of a company-wide effort to ensure a safe internet experience for Facebook users. He and the Facebook Security Team work internally to develop and promote high product security standards, partner externally to promote safe internet practices, and coordinate internal investigations with outside law enforcement agencies. Being the CSO of Facebook certainly puts you into the spotlight. How have your prior … More

Week in review: Mobile drive-bys, Facebook bug bounty and Operation Shady RAT

Here’s an overview of some of last week’s most interesting news and articles: Facebook introduces bug bounty program Facebook has decided to follow in Google’s and Mozilla’s steps and institute a bug bounty program rewarding the responsible disclosure of security vulnerabilities in the social networking platform. Mass iFrame injection attack now counts millions of compromised web pages Armorize researchers have been keeping an eye on the unfolding situation and point out that the attackers are … More

Microsoft offers $250,000 prize for innovative security technology

Microsoft may not believe in bug bounties, but it’s not adverse to paying for knowledge when it comes to ingenious defensive solutions. The company’s Trustworthy Computing Group announced the BlueHat Prize competition to reward security researchers with more than $250,000 in cash and prizes for developing innovative, new computer security protection technology. The top three winners in the BlueHat Prize competition will earn more than $250,000 in cash and prizes: $200,000 for the grand prize, … More

Facebook introduces bug bounty program

Facebook has decided to follow in Google’s and Mozilla’s steps and institute a bug bounty program rewarding the responsible disclosure of security vulnerabilities in the social networking platform. “If you give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research, we will not bring any lawsuit against … More

Security vendor launches bug bounty

Barracuda Networks announced their Security Bug Bounty Program, an initiative that rewards researchers who identify and report security vulnerabilities in the company’s security product line. In the past, several technology companies have announced bug bounties; however, Barracuda Networks is the first security vendor to offer such a bold program, to reward researchers for identifying vulnerabilities in its own products. The following security products are eligible: Barracuda Spam & Virus Firewall, Barracuda Web Filter, Barracuda Web … More

No more free bugs?

The recent announcements from Google and Mozilla that revealed their intent of paying up to $3,133.7 and $3,000 (respectively) for an eligible vulnerability discovered by outside researchers, has been welcome news to all those security researchers who would like to get more than a mention of their name as thanks for discovering a vulnerability that could affect millions of people. But, other big companies are still not offering to pay – Apple, Adobe, Microsoft and … More