The latest on the Yahoo breach, Germany’s problem with WhatsApp-Facebook, Facebook’s osquery tool for Windows, and Zerodium’s $1.5M iOS bounty are all discussed.
Tag Archives: Zerodium
Zerodium Offers $1.5 Million Bounty For iOS Zero-Day Exploits
Well, there’s some good news for Hackers and Bug hunters, though a terrible news for Apple!
Exploit vendor Zerodium has tripled its bug bounty for an Apple’s iOS 10 zero-day exploit, offering a maximum payout of $US1.5 Million.
Yes, $1,500,000.00 Reward.
That’s more than seven times what Apple is offering (up to $200,000) for iOS zero-days via its private, invite-only bug bounty program.
<
Blackhat Firm Offers $500,000 for Zero-day iOS Exploit; Double Than Apple’s Highest Bounty
Last week, Apple finally announced a bug bounty program for researchers and white hat hackers to find and get paid for reporting details of zero-day vulnerabilities in its software and devices.
The company offers the biggest payout of $200,000, which is 10 times the maximum reward that Google offers and double the highest bounty paid by Microsoft.
But now Apple is going to face competition
Curious Tale of a Microsoft Silverlight Zero Day
A Silverlight vulnerability patched yesterday by Microsoft could be tied to a Russian hacker who tried to sell a similar zero day to the Hacking Team.
Threatpost News Wrap, January 8, 2016
Mike Mimoso and Chris Brook discuss the week in news: How the Dutch are opening encryption with open arms, the end of support for IE 8, 9, and 10, and the latest bounty offered up by Zerodium.
Zerodium Offers $100K for Adobe Flash Heap Isolation Bypasses
Exploit acquisition company Zerodium announced it would pay up to $100,000 for heap isolation mitigation bypasses against Adobe Flash Player.
Zerodium Offers $100,000 for Flash Zero-Day Exploit that Bypasses Mitigations
A well-known company popular for buying and selling zero-day vulnerabilities is now offering up to $100,000 for providing a working zero-day exploit for bypassing the Flash Player’s Heap Isolation mitigation.
Few months back, Adobe deployed Heap Isolation in Flash version 18.0.0209 with an aim at making the Use-After-Free (UAF) vulnerabilities more difficult for cybercriminals to exploit.
Flash’s Farewell Under Way
Adobe’s announcement that it has retooled—and renamed—Flash is a longterm signal that the vulnerable and fatigued platform is on its last legs.