HackDig : Dig high-quality web security articles

Interview with a bug bounty hunter: Youssef Sammouda

Behind the scenes there are many people working in cyber-security that make the internet a safer place. Youssef Sammouda is one of these people. He has submitted at least a hundred reports to Facebook which have been resolved, making Facebook a safer platform along the way. Generally speaking, people may refer to this work as being a bug bounty hunter, but t
Publish At:2021-04-20 13:09 | Read:97 | Comments:0 | Tags:Hacking Security world bug bounty facebook Youssef Sammouda

Pwn2Own 2021 Day 1 – participants earned more than $500k

The Pwn2Own 2021 hacking competition has begun, and white hat hacker participants earned more than $500,000 on the first day. Pwn2Own 2021 has begun; this year the formula for the popular hacking competition sees the distribution of the participants amongst various locations. The competition’s organizer, Trend Micro’s Zero Day Initiative (ZDI), describ
Publish At:2021-04-07 13:35 | Read:165 | Comments:0 | Tags:Breaking News Hacking Bug Bounty information security news I

Beware of technical “experts” bombarding you with bug reports

by Paul Ducklin. We’re all appalled at scammers who take advantage of people’s fears to sell them products they don’t need, or worse still products that don’t exist and never arrive. Worst of all, perhaps, are the scammers who offer products and services that do exactly the opposite of what they claim – making their victims pay up s
Publish At:2021-02-09 13:07 | Read:342 | Comments:0 | Tags:Security leadership Vulnerability bug bounty fake support ca

Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts

A duo of white hat hackers claims to have earned $50,000 from Apple for reporting serious flaws that allowed them to access the company’s servers. The Indian white hat hackers Harsh Jaiswal and Rahul Maini claim to have discovered multiple flaws that allowed them to access Apple servers. The duo started focusing on Apple’s infrastructure in an attemp
Publish At:2021-01-18 13:54 | Read:867 | Comments:0 | Tags:Breaking News Hacking Apple Bug Bounty information security

HackerOne announces first bug hunter to earn more than $2M in bug bounties

White hat hacking can be a profitable profession: Cosmin Iordache earned more than $2M reporting flaws through the bug bounty program HackerOne. Iordache is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne. 334 days ago we announced Cosmin as the 7th hack
Publish At:2020-12-27 07:36 | Read:634 | Comments:0 | Tags:Breaking News Hacking Security Bug Bounty HackerOne hacking

Critical remote code execution fixed in PlayStation Now

Security flaws in the PlayStation Now cloud gaming Windows application allowed hackers to execute arbitrary code on Windows systems. Bug bounty hunter Parsia Hakimian discovered multiple security flaws in the PlayStation Now (PS Now) cloud gaming Windows application that allowed hackers to execute arbitrary code on Windows devices running vulnerable app v
Publish At:2020-12-08 07:49 | Read:493 | Comments:0 | Tags:Breaking News Hacking Bug Bounty hacking news information se

S3 Ep8: A conversation with Katie Moussouris [Podcast]

by Paul Ducklin. Hi, everyone – for S3 Ep8, we’ve gone live a day early to take into account the US Thanksgiving holiday on Thursday. (Followed, of course, by Black Friday, so if you’re splashing out online, please take care out there!) This week, we talk to hacker and vulnerability disclosure pioneer, Katie Moussouris. Katie Moussouris, CEO of
Publish At:2020-11-25 11:55 | Read:535 | Comments:0 | Tags:Podcast Security leadership Vulnerability @k8em0 bug bounty

Companies paid $4.2M bug bounties for XSS flaws in 2020

Cross-Site Scripting (XSS) issues are the most common vulnerabilities that received the highest amount of rewards on the HackerOne vulnerability reporting platform. Cross-Site Scripting (XSS) is the most common vulnerability type and received the highest amount of rewards on the HackerOne vulnerability reporting platform. XSS vulnerabilities accounted
Publish At:2020-10-31 18:23 | Read:830 | Comments:0 | Tags:Breaking News Hacking Reports Bug Bounty HackerOne platform

Are Bug Bounty Programs Worth It?

Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively earned approximately $40 million from those programs in 2019. This amount is nearly equal to the bounty totals hackers received for all preceding years combined. In &
Publish At:2020-10-12 10:28 | Read:639 | Comments:0 | Tags:Risk Management Threat Hunting Threat Intelligence Bug Bount

HP bug bounty programs now covers flaws in cartridges

HP is inviting several white hat hackers to find vulnerabilities in its office-class ink and toner cartridges as part of its bug bounty program. HP has expanded the line of products that are covered by this bug bounty program; on Thursday the IT giant invited several white hat hackers to find and report vulnerabilities in its office-class ink and toner ca
Publish At:2020-10-03 09:30 | Read:1144 | Comments:0 | Tags:Breaking News Hacking Bug Bounty cartridges HP printers

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program. On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for the purpose
Publish At:2020-09-03 16:25 | Read:700 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Bug Bou

Mozilla offers rewards for Bypassing Firefox Exploit Mitigations

Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Mozilla announced this week that it has expanded its bug bounty program with a new category that focuses on bypass methods for the exploit mitigations, security features, and defense-in-depth measures implemented i
Publish At:2020-08-21 12:58 | Read:1024 | Comments:0 | Tags:Breaking News Security Bug Bounty Firefox Hacking hacking ne

Find a PlayStation 4 vulnerability and earn over $50,000

Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network? If so, you could be heading towards a sizeable sum of money. That’s because Sony announced details of a new bug bounty program that it is running in co-ordination with vulnerability-reporting platform HackerOne. Sony is inviting security researchers, gamers
Publish At:2020-06-25 12:20 | Read:890 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Bug Bounty

10 Essential Bug Bounty Programs of 2020

In 2019, the State of Security published its most recent list of essential bug bounty frameworks. Numerous organizations and government entities have launched their own vulnerability reward programs (VRPs) since then. COVID-19 has changed the digital security landscape, as well. With that in mind, it’s time for an updated list. Here are 10 essential bug bount
Publish At:2020-06-15 06:53 | Read:1394 | Comments:0 | Tags:Cyber Security Featured Articles Bug Bounty ethical hacker v

Expert earns $100,000 for ‘Sign in with Apple’ authentication bypass bug

The expert Bhavuk Jain received an award of $100,000 for reporting a severe ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts. The bug hunter Bhavuk Jain received an award of $100,000 from Apple, as part of its bug bounty program, for reporting a severe vulnerability that could allow
Publish At:2020-06-01 18:57 | Read:1128 | Comments:0 | Tags:Breaking News Hacking Apple Bug Bounty information security