HackerOne thinks its freelance hackers can conduct penetration tests better than actual pentesting companies

A big player in one of the buzziest areas of cybersecurity soon will begin offering penetration testing services, entering a market where firms deploy dedicated teams or use automation to perform the same tasks. Since its founding in 2012, bug bounty program provider HackerOne has made its name by building a stable of freelance security researchers that poke around on client networks. By connecting hackers with customers including GM, Starbucks and the U.S. Department of Defense, HackerOne helps more than 1,200 organizations find and fix security vulnerabilities. The San Francisco-based firm now says it’s expanding to offer crowdsourced pen-testing, a market CEO Mårten Mickos suggested now stands at roughly $1 billion. It’s a step up from the current bug bounty market, which he pegged at around $150 million. “Most [penetration testing] companies suck,” Mickos said during a recent interview in New York City. “Our plan is to take the market […]

The post HackerOne thinks its freelance hackers can conduct penetration tests better than actual pentesting companies appeared first on CyberScoop.


Zerodium offers $2 million for iOS zero-days

A startup company famous for purchasing zero-day exploits is increasing its bounties to anyone who discovers one in Apple operating systems or popular messaging technologies. Zerodium on Monday announced it will pay up to $2 million for remote iOS jailbreaks, $1 million for information that allows remote code execution in WhatsApp, iMessage, or texting apps, and $500,000 for Google Chrome exploits. The bounties are up from $1.5 million, $500,000, and $200,000, respectively. Such price increases are in part a reflection of tighter security in popular technology, Zerodium founder Chaouki Bekrar told CyberScoop in 2017. “The price that Zerodium puts on a product is always an indication of the security of that product; the higher the price, the better is the security of the product,” he said. While many companies offer bug bounties for their own products, Zerodium offers a different service. The Washington-based firm pays for original research that it […]

The post Zerodium offers $2 million for iOS zero-days appeared first on CyberScoop.
