NordVPN praised its bug bounty program and said that a fix had been shipped within two days. NordVPN, one of the most popular virtual private network (VPN) services, has fixed a security flaw that is said to have exposed customers’ email addresses and other information. The security hole was linked to three payment platforms used by NordVPN … More Flaw in popular VPN service may have exposed customer data
The program with a prize pool of almost US$1 million aims to leverage the ‘power of the crowd’ in order to prevent another Heartbleed. The European Union (EU) is rolling out a bug bounty scheme on some of the most popular free and open source software around in a bid to ultimately make the internet … More EU offers bug bounties on popular open source software
Top-earning ethical hackers are rewarded with 2.7 times more money than the median salary of a full-time software engineer in their home country, a recent survey about the economics, geography and other aspects of bug hunting has revealed. In some countries, the financial allure of looking for security vulnerabilities is (even) more striking, according to … More How well can bug hunting pay?
Google has rewarded a Uruguayan student with $10,000 after he exposed a security flaw that could allow hackers to access sensitive data. Ezequiel Pereira discovered the vulnerability in Google’s App Engine server after changing the Host header in requests to the server using Burp. The high-school student explained in a blog post, “I was bored, so … More Google pays $10,000 for student’s bug
So-called ‘bug bounties’ are offered by some of the world’s largest websites and software companies to ensure that software bugs are found and fixed by friendly security researchers, rather than by malicious hackers who could use the same flaws to cause significant damage. Bug bounties are a relatively new phenomenon but, in recent years, have … More The world’s biggest bug bounty payouts