GitHub Ups the Rewards, Expands the Scope of Its Bug Bounty Program

Web-based hosting service GitHub has decided to increase both the potential reward amounts and scope of its bug bounty program. On 19 February, GitHub announced its decision to raise its reward amounts ...
Hackers Invited to Attack Swiss E-Voting System in Latest Bug Bounty Program

The Swiss government has just announced a CHF250,000 investment in a new bug bounty program to prevent voting manipulation. Swiss Post will let professional ethical hackers attack its system for a month ...

14 Essential Bug Bounty Programs of 2019

In 2017, The State of Security published its most recent list of essential bug bounty frameworks. Numerous organizations and government entities have launched their own vulnerability reward programs (VRPs) since then. With ...

Microsoft Announces Azure DevOps Bug Bounty Program

The Microsoft Security Response Center (MSRC) has announced the creation of a bug bounty program for Azure DevOps services. On 17 January, MSRC said it would begin awarding bounties of up to ...
Skype Android Authentication Bypass

Skype flaw grants access to the photos on your Android phone without a passcode

A design flaw in Microsoft’s Skype app can be exploited to grant access to the data on your Android phone without passcode authentication, a researcher has shown. Kosovo-based bug-hunter Florian Kunushevci demonstrates ...
Facebook to pay ethical hackers $40,000 for reporting a single account-takeover bug

Amid mounting criticism from regulators and users over its data protection practices, Facebook is extending an olive branch to the ethical hacker community, increasing its bug bounty rewards while decreasing the technical ...
Potential of the Masses to Fight Cybercrime

ASan and Beyond: Harnessing the Potential of the Masses to Fight Cybercrime

ASan, or AddressSanitizer, is an open source tool created by Google to find memory corruption bugs. Lots of projects, including Chromium and Firefox use it to find bugs such as use-after-free, use-after-return ...
Security Boulevard
Bugcrowd to Advance DevSecOps

White Hat Security Partners with Bugcrowd to Advance DevSecOps

White Hat Security this week announced a partnership with Bugcrowd through which vulnerabilities discovered by certified ethical hackers that paid bounties can be integrated within a larger set of integrated DevSecOps processes ...
Security Boulevard

93% of Forbes Global 2000 Don’t Stress Vulnerability Disclosure Policies, Says HackerOne Report

As many as 93 percent of companies in the Forbes Global 2000 list don’t include a vulnerability disclosure policy among top business concerns, according to HackerOne’s The Hacker-Powered Security Report 2018, a ...
Tesla Encouraging “Good Faith” Security Research in Bug Bounty Program

Electric vehicle manufacturer Tesla is encouraging what it calls “good faith” security research in its bug bounty program. In its vulnerability disclosure program, Tesla says it welcomes “the community to participate in ...