Tuesday, 8 October 2013

Microsoft paid over $28,000 Rewards to Six Researchers for its first ever Bug Bounty Program

Microsoft today announced that it had paid more than $28,000 in rewards to security researchers under its first Bug Bounty program, which ran for a month during the preview release of Internet Explorer 11 (IE11).

The program was designed to run during Internet Explorer 11’s browser beta test, starting on June 26 and continuing until July 26. Microsoft said it would pay researchers up to $11,000 for each Internet Explorer 11 vulnerability they found.
In July, the company announced that the first such bounty award was given to a current employee of Google, Ivan Fratric. Today Microsoft released the names of all the people who, the company said, found vulnerabilities that qualified for a bounty, and it paid out $28k to a total of six researchers for reporting 15 different bugs.
  • James Forshaw, Context Security
    • 4 Internet Explorer 11 Preview Bug Bounty - $4,400
    • 1 Bonus for finding cool IE design vulnerabilities - $5,000
  • Jose Antonio Vazquez Gonzalez, Yenteasy - Security Research
    • 5 Internet Explorer 11 Preview Bug Bounty vulnerabilities - $5,500
  • Ivan Fratric, Google, Inc security team
    • Internet Explorer 11 Preview Bug Bounty $1,100 - Donated to Save the Children Fund
  • Masato Kinugawa
    • 2 Internet Explorer 11 Preview Bug Bounty vulnerabilities - $2,200
  • Fermin J. Serna, Google, Inc
    • 1 Internet Explorer 11 Preview Bug Bounty $500 - Donated to Save the Seattle Humane Society
  • Peter Vreugdenhil, Exodus Intelligence
    • 1 Internet Explorer 11 Preview Bug Bounty – Tier 1
Interestingly, some submissions were from Google engineers, but the money was donated to the Save the Children Fund and other charities.

Microsoft is set to release the final version of Internet Explorer 11 for Windows 8 and RT on October 17 alongside Windows 8.1.

Microsoft is also running two more software bounty programs. One will pay up to $100,000 to developers who find truly novel exploitation techniques in Windows 8.1, while the other will pay up to $50,000 for defensive ideas that block a qualifying mitigation bypass technique.

1 comment:

  1. At least they know how to give a reward, not like Facebook!!!!
