#VulnerabilityReports

Bipartisan Bill to Tighten Vulnerability Disclosure Rules for Federal Contractors

by

August 12, 2024 at 07:12AM Senators Mark R. Warner and James Lankford introduced the bipartisan Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024, aiming to enforce vulnerability disclosure rules for federal contractors. The bill mandates adherence to National Institute of Standards and Technology (NIST) guidelines and requires implementation of formal vulnerability disclosure policies to mitigate … Read more

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year

by

August 6, 2024 at 06:12AM Microsoft announced that it paid out $16.6 million through its bug bounty programs over the past year, an increase from the previous annual average of $13 million. They rewarded 343 researchers from 55 countries for over 1,300 eligible reports, with the largest single reward being $200,000. Microsoft plans to continue … Read more

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

by

April 4, 2024 at 06:18AM Zoom’s bug bounty program has paid out over $10 million since its 2019 launch, with 2023 seeing $2.4 million in rewards for 1,000 vulnerability reports. The company published advisories for 58 vulnerabilities and introduced an open source Vulnerability Impact Scoring System to assess and prioritize vulnerabilities based on actual demonstrated … Read more