bounty hunter – WindowsTechs.com

Facebook Debuts Bug-Bounty ‘Loyalty Program’

Posted on October 9, 2020 by Lindsey O'Donnell

Facebook bounty hunters will be placed into tiers by analyzing their score, signal and number of submitted bug reports — which will dictate new bonus percentages. Continue reading Facebook Debuts Bug-Bounty ‘Loyalty Program’→

Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

Posted on October 6, 2020 by Lindsey O'Donnell

At SAS@Home, Luta Security CEO Katie Moussouris stressed that bug bounty programs aren’t a ‘silver bullet’ for security teams. Continue reading Grindr’s Bug Bounty Pledge Doesn’t Translate to Security→

Critical GitLab Flaw Earns Bounty Hunter $20K

Posted on April 29, 2020 by Lindsey O'Donnell

A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code. Continue reading Critical GitLab Flaw Earns Bounty Hunter $20K→

Apple’s Bug Bounty Opens for Business, $1M Payout Included

Posted on December 20, 2019 by Tara Seals

The tech giant is looking for full working exploits with any vulnerability submission. Continue reading Apple’s Bug Bounty Opens for Business, $1M Payout Included→

Google Targets Data-Abusing Apps with Bug Bounty Launch

Posted on August 29, 2019 by Lindsey O'Donnell

Google is looking to battle the malicious apps – and apps abusing user data – on Google Play by improving its bug-bounty program arsenal. Continue reading Google Targets Data-Abusing Apps with Bug Bounty Launch→

Implementing Bug Bounty Programs: The Right and Wrong Approaches

Posted on July 11, 2019 by Lindsey O'Donnell

Threatpost catches up with David Baker, the chief security officer at Bugcrowd, about the future of bug bounty programs. Continue reading Implementing Bug Bounty Programs: The Right and Wrong Approaches→

Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom Into Giving Them Cell Phone Location Data

Posted on March 6, 2019 by Joseph Cox

In several cases, a stalker impersonated a US Marshal and reported a fake kidnapping in order to get telecom companies to give them real-time cell phone location data. Continue reading Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom Into Giving Them Cell Phone Location Data→

GitHub Increases Rewards, Scope For Bug-Bounty Program

Posted on February 20, 2019 by Lindsey O'Donnell

GitHub is offering unlimited rewards for critical vulnerabilities – and has added “safe harbor” terms to its bug bounty program. Continue reading GitHub Increases Rewards, Scope For Bug-Bounty Program→

Hundreds of Bounty Hunters Had Access to AT&T, T-Mobile, and Sprint Customer Location Data for Years

Posted on February 6, 2019 by Joseph Cox

Documents show that bail bond companies used a secret phone tracking service to make tens of thousands of location requests. Continue reading Hundreds of Bounty Hunters Had Access to AT&T, T-Mobile, and Sprint Customer Location Data for Years→

I Gave a Bounty Hunter $300. Then He Located Our Phone

Posted on January 8, 2019 by Joseph Cox

T-Mobile, Sprint, and AT&T are selling access to their customers’ location data, and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country. Continue reading I Gave a Bounty Hunter $300. Then He Located Our Phone→