bug bounty

bitdefender.com

How to get away with hacking a US satellite

The US Air Force wants to know if you can hijack control of an orbiting satellite and turn its camera from staring at Earth to point at the moon instead.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Google’s bug bounty bid to make big Android apps more secure

Google’s bug bounty has been expanded to not only covers the firm’s own products, but additionally all apps in the official Google Play store which have had 100 million or more installs.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Huge prizes up for grabs for anyone who can hack a Tesla

This year, for the first time ever, a popular car will be amongst the products hackers will be trying to exploit at the Pwn2Own contest.

Read more in my article on the Hot for Security blog.


0 sec read

Smashing Security #110: What? You can get paid to leave Facebook?

Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


1 min read

bitdefender.com

Microsoft offers up to $100,000 to identity bug finders

Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft’s various identity services.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Found a flaw in a popular Android app? Google might give you $1000

Google has announced a new bug bounty program that aims to uncover security holes in high-profile Android apps.

Read more in my article on the Hot for Security blog.


0 sec read

Earn up to $200K finding bugs in Samsung smartphones

Samsung has announced a new bug bounty program that offers rewards of up to $200,000 for qualifying vulnerability reports.

David Bisson reports.


1 min read

tripwire.com

How to get away with hacking the Department of Homeland Security

But more and more organisations are actually welcoming attempts to test their security, in the hope that vulnerabilities will be reported to them responsibly before a malicious hacker exploits a weakness to inflict damage.

Read more in my article on the Tripwire State of Security blog.


0 sec read

welivesecurity.com

Hack the US Air Force, and make cash… legally!

Humans make mistakes, and vulnerabilities can creep into projects unspotted. The more trusted eyes checking a service – with the approval of the systems’ owners – the better.

Read more in my article on the We Live Security blog.


0 sec read

Earn up to $200,000 as Apple *finally* launches a bug bounty

Found a vulnerability in Apple products? Finally the company has recognised that you might be grateful for some financial reward.


1 min read

Pornhub asks for help hardening its security

If you find a new backdoor – let us know, says popular X-rated adult video website.


1 min read

bitdefender.com

Hack the Pentagon, and you could win $150,000

The US Department of Defense is inviting hackers to find security vulnerabilities in some of its public websites, and is offering a bounty of up to $150,000 for those who find flaws.

Read more in my article on the Hot for Security blog.


0 sec read

Starbucks stays schtum, after patching critical website vulnerabilities

Starbucks has patched three critical security vulnerabilities on its website, but it still hasn’t respond to the security researcher who first found the bugs.

David Bisson reports.


1 min read

Researcher demands FireEye pay up for zero-day vulnerabilities or suffer his ‘cold silence’

A security researcher has demanded that FireEye pay him for several zero-day vulnerabilities he found in the firm’s security products, and he has threatened that he will otherwise remain silent about the bugs’ details.

David Bisson reports.


1 min read

Do bug bounties work?

Guest contributor Bob Covello discusses bug bounties. Do you think they’re doing a good job at helping vulnerabilities be found, and keeping users safe?


1 min read

heatsoftware.com

LinkedIn trumpets the success of its private bug bounty

It’s all very well having a bug bounty program, argues LinkedIn, but how is your organisation going to cope if it is bombarded with hundreds of meaningless and useless reports, that your security team cannot act upon?

Read more in my article on the Optimal Security blog.


0 sec read