Tag: bug-bounty
-
Diese Security-Technologien haben ausgedient
by
in SecurityNews
Tags: ai, authentication, bug-bounty, ciso, cloud, compliance, credentials, cyberattack, cyersecurity, firewall, gartner, Hardware, network, password, penetration-testing, risk, service, siem, strategy, tool, vpn, vulnerability, waf, zero-trust -
Bug Bounty Bonanza: $40,000 Reward for Escalating Limited Path Traversal to RCE
by
in SecurityNewsAs a dedicated bug bounty hunter with an enviable track record on BugCrowd, Abdullah Nawaf, Full full-time bug Bounty Hunter, thrives on the thrill of discovery and the challenge of finding high-impact vulnerabilities. Recently, alongside his colleague Orwa Atyat, they achieved a notable success: turning a limited path traversal vulnerability into a fully-fledged remote code execution…
-
Beware cybersecurity tech that’s past its prime, 5 areas to check or retire
by
in SecurityNews
Tags: access, advisory, ai, antivirus, attack, authentication, breach, bug-bounty, ciso, cloud, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, firewall, Hardware, network, password, penetration-testing, risk, router, siem, software, strategy, switch, threat, tool, vpn, vulnerability, waf, zero-trustCybersecurity leaders can choose from an ever-expanding list of digital tools to help them ward off attacks and, based on market projections, they’re implementing plenty of those options.Gartner predicts a 15% increase in cybersecurity spending for 2025, with global expenditures expected to reach $212 billion in the upcoming year. The research and consulting firm says…
-
DEF CON 32 Practical Exploitation of DoS in Bug Bounty
by
in SecurityNewsAuthor/Presenter: Roni Lupin Carta Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/def-con-32-practical-exploitation-of-dos-in-bug-bounty/
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
by
in SecurityNews
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-dayGenerative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
Bug bounty programs: Why companies need them now more than ever
by
in SecurityNews
Tags: attack, best-practice, bug-bounty, business, crypto, cyber, cybercrime, cybersecurity, defense, exploit, finance, guide, hacker, hacking, jobs, malicious, ransom, strategy, threat, tool, update, vulnerability, zero-dayIn the fast-evolving landscape of cybersecurity, the need for proactive measures has become more pressing than ever.When I first entered the cybersecurity field, the primary threats were largely opportunistic hackers exploiting known vulnerabilities and multi-million-dollar ransoms were unheard of. Today, the stakes are significantly higher. According to Cybersecurity Ventures, cybercrime is expected to cost the…
-
Crypto.com Launches Massive $2m Bug Bounty Program
by
in SecurityNews
Tags: bug-bountyCrypto.com has launched a massive $2m bug bounty program on HackerOne, the largest ever offered on the platform, to enhance platform security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cryptocom-launches-2m-bug-bounty/
-
835 Sicherheitslücken durch White Hat Hacker aufgedeckt
by
in SecurityNewsSogenannte White-Hat-Hacker, die auf der Seite des Gesetzes stehen, haben im Jahr 2023 835 Sicherheitslücken entdeckt und über Bug-Bounty-Programme 45… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/835-sicherheitslucken-durch-white-hat-hacker-aufgedeckt
-
Uniswap Labs to Offer $15.5 Million Bounty for Bug Hunters
by
in SecurityNewsUniswap Labs has launched a $15.5 million bug bounty program to ensure the security of its latest protocol, Uniswap v4. This substantial bounty is the largest ever offered in the history of the DeFi sector. Uniswap v4 represents the latest evolution of the Uniswap Protocol, marking a significant transformation into a comprehensive developer platform. This…
-
Microsoft launches $4M bug bounty challenge to secure AI, cloud
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-launches-4m-bug-bounty-challenge-to-secure-ai-cloud
-
Microsoft KI und Cloud: Neues Bug-Bounty-Event mit 4 Millionen US-Dollar Prämie
by
in SecurityNewsEntdecken Sicherheitsforscher beim neuen Zero-Day-Quest-Event Lücken in Microsoft-Produkten, winken hohe Geldprämien. First seen on heise.de Jump to article: www.heise.de/news/Microsoft-KI-und-Cloud-Neues-Bug-Bounty-Event-mit-4-Millionen-US-Dollar-Praemie-10077677.html
-
Microsoft announces Zero Day Quest hacking event with big rewards
by
in SecurityNewsMicrosoft is enhancing its bug bounty initiatives with the launch of the Zero Day Quest hacking event. With $4 million in potential rewards, it focuses on driving research in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/19/microsoft-zero-day-quest-hacking-event/
-
Microsoft launches Zero Day Quest hacking event with $4 million in rewards
by
in SecurityNewsMicrosoft announced today at its Ignite annual conference in Chicago, Illinois, that it’s expanding its bug bounty programs with Zero Day Quest, a new hacking event focusing on cloud and AI products and platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-launches-zero-day-quest-hacking-event-with-4-million-in-rewards/
-
HackerOne urges U.S. to advocate for research protections in UN cybercrime treaty
by
in SecurityNewsThe company responsible for bug bounty platforms warns in a letter to top U.S. officials that the treaty’s vague language could undermine ethical security research. First seen on cyberscoop.com Jump to article: cyberscoop.com/un-cybercrime-treaty-hackerone-letter-security-research/
-
AI Bug Bounty Program Yields 34 Flaws In Open Source Tools
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36535/AI-Bug-Bounty-Program-Yields-34-Flaws-In-Open-Source-Tools.html
-
Bug Bounty Platform Bugcrowd Secures $50 Million in Growth Capital
by
in SecurityNewsBugcrowd has secured $50 million in growth capital facility from Silicon Valley Bank for expansion and innovation. The post Bug Bounty Platform Bugcro… First seen on securityweek.com Jump to article: www.securityweek.com/bug-bounty-platform-bugcrowd-secures-50-million-in-growth-capital/
-
AI bug bounty program yields 34 flaws in open-source tools
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/ai-bug-bounty-program-yields-34-flaws-in-open-source-tools
-
Apple Launches ‘Apple Intelligence’ and Offers $1M Bug Bounty for Security
by
in SecurityNewsFirst seen on hackread.com Jump to article: hackread.com/apple-launches-apple-intelligence-bug-bounty/
-
DEF CON 32 AppSec Village The Darkest Side of Bug Bounty
by
in SecurityNewsAuthors/Presenters:Jason Haddix Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their timely DEF CON 32 erudite content… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/def-con-32-appsec-village-the-darkest-side-of-bug-bounty/
-
Bug-Bounty-Programm: Sicherheitsforscher sollen Googles Cloud quälen
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Bug-Bounty-Programm-Sicherheitsforscher-sollen-Googles-Cloud-quaelen-9989683.html
-
Elevating SaaS Security: The Strategic Role of Bug Bounty Programs
by
in SecurityNewsFor engineers and security professionals working within SaaS environments, the standard suite of security tools, firewalls, IDS/IPS, SIEMs, WAFs, endp… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/elevating-saas-security-the-strategic-role-of-bug-bounty-programs/
-
Big Rewards Offered in Dedicated Google Cloud Bug Bounty Program
by
in SecurityNewsMore than 460 products and services are covered under Google Cloud’s new VRP, with 140 eligible for top tier bug bounty rewards. The post Big Rewards … First seen on securityweek.com Jump to article: www.securityweek.com/big-rewards-offered-in-dedicated-google-cloud-bug-bounty-program/
-
PTaaS vs. Bug Bounty Programs: Complementary or Competing Approaches?
by
in SecurityNewsIntroduction Imagine you’re the CISO of a rapidly growing tech company. Your infrastructure is expanding daily, and with each new line of code, the po… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/ptaas-vs-bug-bounty-programs-complementary-or-competing-approaches/
-
Arc browser launches bug bounty program after fixing RCE bug
by
in SecurityNewsThe Browser Company has introduced an Arc Bug Bounty Program to encourage security researchers to report vulnerabilities to the project and receive re… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/arc-browser-launches-bug-bounty-program-after-fixing-rce-bug/
-
How integrated pentesting and bug bounty programs give security teams an edge
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/perspective/how-integrated-pentesting-and-bug-bounty-programs-give-security-teams-an-edge
-
Google beefs up Chrome bug bounty program
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/google-beefs-up-chrome-bug-bounty-program
-
CertiK Issues Public Apology to Kraken Over $3M Bug Bounty Incident
by
in SecurityNewsThe cybersecurity firm CertiK has publicly confirmed its involvement in the incident with the cryptocurrency exchange Kraken, which had earlier accuse… First seen on securityonline.info Jump to article: securityonline.info/certik-issues-public-apology-to-kraken-over-3m-bug-bounty-incident/
-
Google increases Chrome bug bounty rewards up to $250,000
by
in SecurityNewsGoogle has more than doubled payouts for Google Chrome security flaws reported through its Vulnerability Reward Program, with the maximum possible rew… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-increases-chrome-bug-bounty-rewards-up-to-250-000/
-
Google Play bug bounty program shutdown imminent
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/google-play-bug-bounty-program-shutdown-imminent