Well, there’s some good news for hackers and bug bounty hunters!
Both tech giants Google and Microsoft have raised the value of the payouts they offer security researchers, white hat hackers and bug hunters who find high severity flaws in their products.
While Microsoft has just doubled its top reward from $15,000 to $30,000, Google has raised its high reward from $20,000 to $31,337, which
By making the Vulnerability Equities Process law, advocates of the idea argue there would be more reliability, transparency and accountability in the process of government vulnerability disclosure.
Admins have to hold their breath for two more weeks on the Badlock vulnerability. Which will come first: the patch, or a public exploit?
Uber announced a public bug bounty program that will pay up to $10,000 for critical bugs, and which also includes a loyalty program that pays bonuses for five or more finds.
After a pair of very public disclosures in the last two weeks, Netgear published new firmware for vulnerabilities in its routers that have been publicly exploited.
Citing vendor pressure, a researcher pulled a talk at HITB GSEC Singapore on the security of IP-enabled surveillance cameras.
HackerOne released a free model that assesses an organization’s readiness to accept outside vulnerability reports.
LinkedIn today announced that since October it has been running a private bug bounty, and to date has patched 65 bugs and paid out $65,000 in rewards.
Adobe launched its first vulnerability disclosure program this week. It will use the HackerOne platform and will not pay out bounties, instead researchers can bulk up their HackerOne reputation scores. Only vulnerabilities in Adobe web applications or web-based services are in scope.
Google announced that it was adding a 14-day grace period to its 90-day vulnerability disclosure deadline if the affected vendor says it will have a patch ready inside the extension.