Collaborate Disseminate
“Everything changes once you have to supervise and mentor and schedule and coordinate and keep in mind all the things others don’t. You often have to hold back your own wish to research a certain thing yourself or crack things open, because peopl… Continue reading Vulnerability research and responsible disclosure: Advice from an industry veteran
Video and Slide Deck from EH-Net Live! July 2018 When most think of selling bugs, they have visions of the underground hacking scene populated by nefarious characters using their 0-days for illegal activity. But what if you could get in on the bug hunt… Continue reading Video: Bug Hunting as a Second Income
HackerOne announced findings from the 2018 Hacker-Powered Security Report, based on over 72,000 resolved security vulnerabilities, 1,000 customer programs and more than $31 million in bounties awarded to hackers from over 100 countries. The annual repo… Continue reading Hacker-powered security is reaching critical mass
Bugcrowd has released the 2018 Bugcrowd State of Bug Bounty Report, which analyzes proprietary platform data collected from more than 700 crowdsourced security programs managed by the organization. The data includes all Bugcrowd platform data from Apri… Continue reading Crowdsourced security trends: Payouts to hackers increase
Crowdsourced security penetration testing outfit Bugcrowd has released its second annual “Mind of a Hacker” report, to provide insight into bug hunters’ motivations and preferences, and help companies tailor their bug bounty initiatives so they can lead to better results for everyone. The most interesting insights gleaned from the answers of the 500 or so bug hunters who participated in the survey are as follows: They come from all over the world (216 countries), but … More → Continue reading What motivates bug hunters?
Google has started another bug bounty initiative: the Google Play Security Reward Program. While the name of the program might suggest that bug hunters will be after vulnerabilities in Google’s official Android app market, in reality they will be asked to unearth bugs in all of Google’s apps available on Google Play, as well as a short list of other popular ones. Currently in scope are the Alibaba, Dropbox, Duolingo, Headspace, Line, Snapchat, Mail.Ru, and … More → Continue reading Google wants bug hunters to probe popular Android apps for bugs
With the growing number of cyber attacks and breaches, a significant number of companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded.
Following major companies and organisations, the non-profit group behind Tor Project – the largest online anonymity network that
Continue reading Tor Launches Bug Bounty Program — Get Paid for Hacking!
Well, there’s some good news for hackers and bug bounty hunters!
Both tech giants Google and Microsoft have raised the value of the payouts they offer security researchers, white hat hackers and bug hunters who find high severity flaws in their produc… Continue reading Google Increases Bug Bounty Payouts by 50% and Microsoft Just Doubles It!
The U.S. Army released the results of its Hack the Army bug bounty, and said that close to $100,000 was paid out, and 118 unique and actionable vulnerabilities were reported. Continue reading Hack the Army Bounty Pays Out $100,000; 118 Flaws Fixed
Google has once again publicly disclosed a zero-day vulnerability in current versions of Windows operating system before Microsoft has a patch ready.
Yes, the critical zero-day is unpatched and is being used by attackers in the wild.
Google made the … Continue reading Google discloses Critical Windows Zero-Day that makes all Windows Users Vulnerable