bug bounty

The legal minefield of hacking back

bug bounty, CISO, cybersecurity, Don't miss, Features, framework, hacking, Hot stuff, ImmuneFi, law, News, opinion, strategy, tips /

The legal minefield of hacking back 2025-07-28 at 08:57 By Mirko Zorz In this Help Net Security interview, Gonçalo Magalhães, Head of Security at Immunefi, discusses the legal and ethical implications of hacking back in cross-border cyber incidents. He warns that offensive cyber actions risk violating international law, escalating conflicts, and harming innocent third parties. […]

React to this headline:

Loading spinner

The legal minefield of hacking back Read More »

Microsoft announces Zero Day Quest hacking event with big rewards

bug bounty, bug hunting, Don't miss, Microsoft, News /

Microsoft announces Zero Day Quest hacking event with big rewards 2024-11-19 at 21:19 By Mirko Zorz Microsoft is enhancing its bug bounty initiatives with the launch of the Zero Day Quest hacking event. With $4 million in potential rewards, it focuses on driving research in critical areas such as cloud computing and AI. Event focus

React to this headline:

Loading spinner

Microsoft announces Zero Day Quest hacking event with big rewards Read More »

Red teaming: The key ingredient for responsible AI

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Expert analysis, Expert corner, hacker, HackerOne, Hot stuff, News, opinion, red team, regulation /

Red teaming: The key ingredient for responsible AI 2024-05-13 at 08:31 By Help Net Security Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory requirements. Organizations attempting to balance

React to this headline:

Loading spinner

Red teaming: The key ingredient for responsible AI Read More »

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps

Android, bug bounty, Don't miss, Google, Hot stuff, mobile apps, News /

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps 2024-05-03 at 17:16 By Zeljka Zorz Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. “We increased reward amounts by up to 10x in some categories (for example Remote Arbitrary

React to this headline:

Loading spinner

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps Read More »

How to optimize your bug bounty programs

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Features, hacker, Hot stuff, machine learning, News, opinion, policy, regulation, risk assessment, Risk Management, strategy, tips, Zoom /

How to optimize your bug bounty programs 2024-04-22 at 08:02 By Mirko Zorz In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He offers advice to organizations, stressing the importance of

React to this headline:

Loading spinner

How to optimize your bug bounty programs Read More »

Thinking outside the code: How the hacker mindset drives innovation

bug bounty, cybersecurity, Don't miss, education, Features, hacker, hacking, Hot stuff, Innovation, News, opinion, skill development, strategy, tips /

Thinking outside the code: How the hacker mindset drives innovation 2024-04-17 at 08:01 By Mirko Zorz Keren Elazari is an internationally recognized security analyst, author, and researcher. Since 2000, Keren has worked with leading Israeli security firms, government organizations, innovative start-ups, and Fortune 500 companies. She is the founder of BSidesTLV and Leading Cyber Ladies

React to this headline:

Loading spinner

Thinking outside the code: How the hacker mindset drives innovation Read More »

Crowdsourced security is not just for tech companies anymore

bug bounty, Bugcrowd, crowdsourced security, cybersecurity, News, report, survey /

Crowdsourced security is not just for tech companies anymore 2024-02-02 at 07:01 By Help Net Security There is a misconception that only software and technology companies leverage crowdsourced security. However, data contradicts this belief. Companies across various sectors are increasingly adopting crowdsourced security, as reported by Bugcrowd. The government industry sector saw the fastest growth

React to this headline:

Loading spinner

Crowdsourced security is not just for tech companies anymore Read More »

Embracing offensive cybersecurity tactics for defense against dynamic threats

bug bounty, cloud computing, cybersecurity, Don't miss, Features, Hot stuff, opinion, penetration testing, red team, regulation, SIX, strategy, Threat Intelligence /

Embracing offensive cybersecurity tactics for defense against dynamic threats 2024-01-11 at 07:02 By Mirko Zorz In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security

React to this headline:

Loading spinner

Embracing offensive cybersecurity tactics for defense against dynamic threats Read More »

Microsoft announces Defender bug bounty program

bug bounty, Don't miss, Hot stuff, Microsoft, Microsoft Defender, News, Vulnerabilities /

Microsoft announces Defender bug bounty program 22/11/2023 at 14:47 By Helga Labus Microsoft has announced a new bug bounty program aimed at unearthing vulnerabilities in Defender-related products and services, and is offering participants the possibility to earn up to $20,000 for the most critical bugs. The Microsoft Defender bug bounty program Microsoft Defender includes various

React to this headline:

Loading spinner

Microsoft announces Defender bug bounty program Read More »

Google expands bug bounty program to cover AI-related threats

Artificial Intelligence, bug bounty, Don't miss, Google, Hot stuff, News /

Google expands bug bounty program to cover AI-related threats 30/10/2023 at 12:18 By Helga Labus Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. Google’s AI bug bounty program Following the voluntary commitment to the Biden-⁠Harris Administration to develop responsible AI

React to this headline:

Loading spinner

Google expands bug bounty program to cover AI-related threats Read More »

Microsoft announces AI bug bounty program

Artificial Intelligence, Bing, bug bounty, Don't miss, Hot stuff, Microsoft, News /

Microsoft announces AI bug bounty program 16/10/2023 at 15:18 By Zeljka Zorz Microsoft is offering up to $15,000 to bug hunters that pinpoint vulnerabilities of Critical or Important severity in its AI-powered “Bing experience”. “The new Microsoft AI bounty program comes as a result of key investments and learnings over the last few months, including

React to this headline:

Loading spinner

Microsoft announces AI bug bounty program Read More »

Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM

bug bounty, Chrome, Don't miss, Expert corner, exploit, Google, Google Cloud, News, virtualization /

Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM 09/10/2023 at 13:01 By Zeljka Zorz Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome’s V8 JavaScript engine and Google Cloud’s Kernel-based Virtual Machine (KVM). “We want to learn from the security community to understand how they

React to this headline:

Loading spinner

Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM Read More »

Email forwarding flaws enable attackers to impersonate high-profile domains

bug bounty, cybersecurity, Don't miss, Email, identity, Malware, News, report, spoofing, spyware, vulnerability /

Email forwarding flaws enable attackers to impersonate high-profile domains 11/09/2023 at 07:02 By Help Net Security Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego. The

React to this headline:

Loading spinner

Email forwarding flaws enable attackers to impersonate high-profile domains Read More »

Apple offers security researchers specialized iPhones to tinker with

apple, bug bounty, bug hunting, Don't miss, Hot stuff, iOS, News, research /

Apple offers security researchers specialized iPhones to tinker with 31/08/2023 at 13:05 By Helga Labus Apple is inviting security researchers to apply for the Apple Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the Apple SRDP in 2019. In the intervening years, participating researchers have identified 130 security-critical

React to this headline:

Loading spinner

Apple offers security researchers specialized iPhones to tinker with Read More »

Inspiring secure coding: Strategies to encourage developers’ continuous improvement

Application Security, bug bounty, code, cyber risk, cybersecurity, Don't miss, education, Features, framework, Hot stuff, News, opinion, Secure Code Warrior, security culture, training, vulnerability /

Inspiring secure coding: Strategies to encourage developers’ continuous improvement 25/07/2023 at 07:38 By Mirko Zorz In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the integrity and protection of digital systems. To delve deeper into this topic, we had the

React to this headline:

Loading spinner

Inspiring secure coding: Strategies to encourage developers’ continuous improvement Read More »

Google triples reward for Chrome full chain exploits

bug bounty, Chrome, Don't miss, exploit, Google, Hot stuff, News, sandbox /

Google triples reward for Chrome full chain exploits 02/06/2023 at 15:57 By Helga Labus Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher rewards for a Chrome full chain exploit The Chrome Vulnerability Rewards Program,

React to this headline:

Loading spinner

Google triples reward for Chrome full chain exploits Read More »

Scroll to Top