Facebook will start rewarding security researchers who report data abuse happening on Instagram, the company has announced. This is an expansion of Facebook’s Data Abuse Bounty program, which it introduced in April 2018.
2019
Microsoft and Apple have both leveled up their bug bounty programs with new incentives for security researchers.
At Black Hat 2019 today, Microsoft announced the Azure Security Lab, a sandbox-like environment for security researchers to test its cloud security. The company also doubled the top Azure bug bounty to $40,000.
The Singapore Government has announced a new short-term bug bounty program to for external hackers to find vulnerabilities in nine key government-run websites.
Cross-site scripting, improper authentication and information disclosure were the top three vulnerabilities found by ethical hackers in 2018.
More than 30 security issues have been fixed in VLC, the popular open source media player, with developers praising an EU-funded bug bounty program for helping produce its most secure update yet.
Four months since going public with our bug bounty program, we dive into where we’re at, what success looks like, and what to expect down the road.