Anthropic: Expanding Our Model Safety Bug Bounty Program

August 9, 2024 at 02:04PM To enhance AI model safety, we’re expanding our bug bounty program to focus on identifying and mitigating universal jailbreak attacks that could bypass AI safety measures. The $15,000 reward program, in partnership with HackerOne, invites experienced AI security researchers to apply for an early access test phase before public deployment. …

Samsung boosts bug bounty to a cool million for cracks of the Knox Vault subsystem

August 7, 2024 at 09:23PM Samsung has introduced a bug bounty program with rewards of up to $1 million for successfully compromising its Knox Vault system in its smartphones. Other targets include TEEGRIS and Rich Execution Environment, with rewards varying based on the level of compromise. In contrast, Microsoft has awarded researchers $16.6 million in …

Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault

August 6, 2024 at 01:16PM Samsung has introduced the new ‘Important Scenario Vulnerability Program’ for its mobile devices, offering bug bounty rewards of up to $1,000,000 for critical attack demonstrations. Highlighted payouts include rewards for arbitrary code execution and unlocks with data extraction. In 2023, Samsung paid security researchers $827,925 and aims to break records …

Samsung Bug Bounty Program Payouts Reach $5M, Top Reward Increased to $1M

August 6, 2024 at 11:30AM In 2023, Samsung paid nearly $5 million through its bug bounty program, with $828,000 disbursed. 113 researchers received rewards for reporting vulnerabilities in Galaxy mobile devices. The highest single reward of over $57,000 went to TASZK Security Labs. Samsung also increased the maximum reward to $1 million and introduced bonus …

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year

August 6, 2024 at 06:12AM Microsoft announced that it paid out $16.6 million through its bug bounty programs over the past year, an increase from the previous annual average of $13 million. They rewarded 343 researchers from 55 countries for over 1,300 eligible reports, with the largest single reward being $200,000. Microsoft plans to continue …

Chrome 126 Updates Patch High-Severity Vulnerabilities

July 17, 2024 at 06:03AM Google announced security updates for Chrome 126, addressing ten vulnerabilities, including high-severity bugs reported by external researchers. The release resolves various flaws in V8, Screen Capture, Media Stream, Audio, and Navigation. Google paid over $32,000 in bug bounty rewards and advises users to update their browsers to the latest versions. …

Google increases bug bounty rewards five times, up to $151K

July 11, 2024 at 02:20PM Google has increased bug payouts through its Vulnerability Reward Program by up to 5x, with a maximum reward of $151,515 for a single security flaw. The new rewards apply to vulnerability reports submitted on or after July 11th. In addition, the company has expanded payment options and updated its rules …

Hacker Conversations: Chris Evans, Hacker and CISO

July 1, 2024 at 12:24PM Chris Evans, CISO of HackerOne, challenges common perceptions of hackers. He defines a hacker as someone who creatively overcomes limitations and believes computer hacking is about improving life. He argues that most hackers naturally use their skills for good and emphasizes the positive impact of hacking on society. Evans also …

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program

July 1, 2024 at 10:06AM Google has introduced kvmCTF, a bug bounty program for the KVM hypervisor, offering significant rewards for vulnerabilities. Participants can attempt to conduct guest-to-host attacks in a lab environment, with potential payouts including $250,000 for a full VM escape. The program aims to enhance the security of widely used virtualization technology. …

Chrome 126 Update Patches Memory Safety Bugs

June 25, 2024 at 03:54AM Google announced a new Chrome security update addressing four high-severity memory safety vulnerabilities. Three defects were reported by ‘wgslfuzz’ and the fourth by Cassidy Kim. wgslfuzz received a $10,000 reward for CVE-2024-6290 and Kim received $4,000 for CVE-2024-6291. The update, version 126.0.6478.126 for Linux and 126.0.6478.126/127 for Windows and macOS, includes …