HackDig : Dig high-quality web security articles for hackers

Are Bug Bounty Programs Worth It?

Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively earned approximately $40 million from those programs in 2019. This amount is nearly equal to the bounty totals hackers received for all preceding years combined. In &
Publish At:2020-10-12 10:28 | Read:114 | Comments:0 | Tags:Risk Management Threat Hunting Threat Intelligence Bug Bount

HP bug bounty programs now covers flaws in cartridges

HP is inviting several white hat hackers to find vulnerabilities in its office-class ink and toner cartridges as part of its bug bounty program, HP has expanded the line of products that are covered by this bug bounty program, on Thursday the IT giant invited several white hat hackers to find and report vulnerabilities in its office-class ink and toner ca
Publish At:2020-10-03 09:30 | Read:266 | Comments:0 | Tags:Breaking News Hacking Bug Bounty cartridges HP printers

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program.On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for the purpose
Publish At:2020-09-03 16:25 | Read:252 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Bug Bou

Mozilla offers rewards for Bypassing Firefox Exploit Mitigations

Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Mozilla announced this week that it has expanded its bug bounty program with a new category that focuses on bypass methods for the exploit mitigations, security features, and defense-in-depth measures implemented i
Publish At:2020-08-21 12:58 | Read:355 | Comments:0 | Tags:Breaking News Security Bug Bounty Firefox Hacking hacking ne

Find a PlayStation 4 vulnerability and earn over $50,000

Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network?If so, you could be heading towards a sizeable sum of money. That’s because Sony announced details of a new bug bounty program that it is running in co-ordination with vulnerability-reporting platform HackerOne.Sony is inviting security researchers, gamers
Publish At:2020-06-25 12:20 | Read:437 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Bug Bounty

10 Essential Bug Bounty Programs of 2020

In 2019, the State of Security published its most recent list of essential bug bounty frameworks. Numerous organizations and government entities have launched their own vulnerability reward programs (VRPs) since then. COVID-19 has changed the digital security landscape, as well. With that in mind, it’s time for an updated list.Here are 10 essential bug bount
Publish At:2020-06-15 06:53 | Read:585 | Comments:0 | Tags:Cyber Security Featured Articles Bug Bounty ethical hacker v

Expert earns $100,000 for ‘Sign in with Apple’ authentication bypass bug

The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts.  The bug hunter Bhavuk Jain received an award of $100,000 by Apple, as part of its bug bounty program, for reporting a severe vulnerability that could allow
Publish At:2020-06-01 18:57 | Read:566 | Comments:0 | Tags:Breaking News Hacking Apple Bug Bounty information security

How CVSS works: characterizing and scoring vulnerabilities

The Common Vulnerability Scoring System (CVSS) provides software developers, testers, and security and IT professionals with a standardized process for assessing vulnerabilities. You can use the CVSS to assess the threat level of each vulnerability, and then prioritize mitigation accordingly. This article explains how the CVSS works, including a review o
Publish At:2020-05-18 13:42 | Read:587 | Comments:0 | Tags:Malwarebytes news attack complexity attack vector bug bounty

Google released a Chrome 61 update that patches 2 High-Risk Flaws

Google has just released an updated version of Chrome 61, version 61.0.3163.100, that addresses 3 security flaws, two of which rated high-severity. The new version is already available for Windows, Mac, and Linux users and includes a total of three vulnerabilities. The first high-risk bug, tracked as CVE-2017-5121, is an Out-of-bounds access in V8 reported b
Publish At:2017-09-23 09:15 | Read:3746 | Comments:0 | Tags:Breaking News Security Bug Bounty Chrome High-Risk Flaws Goo

Zerodium is offers $1 Million for Tor Browser Exploits

The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor browser to law enforcement and governm
Publish At:2017-09-14 03:50 | Read:5263 | Comments:0 | Tags:Breaking News Deep Web Hacking Bug Bounty exploits Pierluigi

Mysterious company is offering up to $250,000 for VM Hacks through a bug bounty

A mysterious company is offering up to $250,000 for virtual machine (VM) hacks. The “secret” bug bounty program was announced by Bugcrowd. A mysterious company makes the headlines for offering up to $250,000 for virtual machine (VM) hacks. The “secret” bug bounty program was announced by the crowdsourced security testing platform Bugcrowd. At the time I was
Publish At:2017-08-11 16:10 | Read:4029 | Comments:0 | Tags:Breaking News Hacking Bug Bounty VM hacks VMware

A critical Improper Authentication vulnerability in Uber allowed password reset for any account

An Italian expert discovered a critical Improper Authentication vulnerability affecting the UBER platform that allowed password reset for any account. The Italian security expert Vincenzo C. Aka @Procode701 has discovered 7 months ago a critical vulnerability in UBER platform that allowed password reset for any Uber account. The researcher reported the ̵
Publish At:2017-05-18 16:45 | Read:4781 | Comments:0 | Tags:Breaking News Hacking Bug Bounty Improper Authentication Ube

Yahoo awarded $7,000 a bug hunter for Flickr account hijacking vulnerability

Yahoo awarded $7,000 to the bug hunter Michael Reizelman, aka mishre, for Flickr account hijacking vulnerability. Reizelman was a popular bug hunter that discovered vulnerabilities in many web services, including Badoo, Dropbox, GitHub, Google, Imgur, Slack, Twitter, and Uber. The expert has discovered three vulnerabilities in the company’s image and video
Publish At:2017-05-02 01:40 | Read:3379 | Comments:0 | Tags:Breaking News Hacking account hijacking Bug Bounty Flickr Ya

Intel Launches Its First-Ever Bug Bounty Program

Intel has announced it will begin rewarding researchers who responsibly disclose security vulnerabilities they find in its products.On 15 March, the Santa Clara-based multinational corporation and technology company unveiled its first-ever bug bounty. It made the announcement in Vancouver, British Columbia at the CanSecWest security conference, one of The St
Publish At:2017-03-17 12:35 | Read:4665 | Comments:0 | Tags:Latest Security News Bug Bounty Intel vulnerability

Uber pays $9,000 bug bounty payoff for partner firm’s vulnerability

A security expert discovered a flaw in a ransomware protection service that opened Uber service, and many others, to cyber attacks. The Russian penetration tester Vladimir Ivanov from the security firm Positive Technologies has discovered a vulnerability in anti-ransomware backup service Code42. The flaw could be exploited by attackers to steal data from the
Publish At:2017-01-30 01:55 | Read:4561 | Comments:0 | Tags:Breaking News Hacking Bug Bounty Uber XML external entity fl

Tools

Tag Cloud