Showing posts with label Bug Bounty. Show all posts
Showing posts with label Bug Bounty. Show all posts

NetFlix Launched Its Bug Bounty Program on BugCrowd


In the course of recent years, Netflix has gotten private bug reports, and since 2016 has likewise had a shut bug bounty program that isn't accessible to the overall population. Amid this time, the specialists found in the results of Netflix 190 distinct bugs. The biggest paid bounty for now, as per the organization, was a compensation of $ 15,000, which the IS specialists gotten for an anonymous basic issue. 


Presently the organization has at long last declared the dispatch of an open reward program for vulnerabilities on the Bugcrowd stage , anybody can partake in it. 

Analysts may get compensation extending from $ 100 to $ 15,000 for vulnerabilities. You can look for bugs on a few areas of the organization, and in portable applications for iOS and Android. We think about XSS, CSRF, SQL injections, authentication and authorization problems, data leaks, bugs that allow remote execution of arbitrary code, problems related to redirects, operation logic, MSL protocol and mobile API.

All the very best with the find. 

A Couple of Hackers Awarded For Finding a Weakness in Air Force Software


A couple of Hackers found a weakness in Air Force Software that enabled them to access the Department of Defense's unclassified system—a locate that earned them more than $10,000, the biggest payout ever in an administration bug abundance program. 

Security scientists Brett Buerhaus and Mathias Karlsson revealed the defenselessness amid Hack the Air Force, a bug abundance program like the Hack the Army and Hack the Pentagon programs keep running by the US Defense Department. 

Image Courtesy: U.S Airforce

Bug abundance programs, which remunerate programmers who discover vulnerabilities with money, are regular in the tech business. Yet, the US government has been a bit slower to receive them, for a few reasons: Federal offices have stricter rules about how they can spend their financial plans, and they're more careful about opening themselves up to programmers. Yet, that has been changing gradually since the Defense Department propelled its first bug abundance a year ago. 

“I didn’t expect how willing they were to work with us to figure out the issue and see how impactful it was,” Buerhaus said in a statement. “There’s such a perception of the government being closed off and ready to sweep issues under the rug. It was great seeing how excited they were to work with us. This honestly changes everything, and it’s clear they care about working with us to protect their interests.”

Through the span of only nine hours, Buerhaus, Karlsson, and many other taking an interest programmers could discover 55 vulnerabilities in Air Force software. The program will proceed through January 1, giving programmers much more opportunity to discover defects. 

Bauerhaus and Karlsson will part the $10,650 bug abundance, which is more than double the past best Hack the Air Force bug abundance payout. The principal Hack the Air Force challenge, which was held not long ago, paid a best bug abundance of $5,000. Hack the Army and Hack the Pentagon have each maximized around $3,000. (These are only the general population payouts, however, and private bounties may be higher.) 

“Hack the Air Force allowed us to look outward and leverage the range of talent in our country and partner nations to secure our defences,” Air Force chief information security officer Peter Kim said in a statement. “We’re greatly expanding on the tremendous success of the first challenge by opening up approximately 300 public facing AF websites. The cost-benefit of this partnership is invaluable.”