Bug Bounties

Vulnerabilities in Slack could have led to account hijacking

Vulnerabilities in Slack could have led to account hijacking

By

Persistence pays off as security researcher nets bug bounty for unearthing an access control bypass allowing attackers to reset passwords if they know the usernames.

To pay or not to pay...

To pay or not to pay...

Andrew Tang explores the contentious issue of paying bug bounties when software flaws are discovered.

Bug hunter finds backdoor in Facebook left by another bug hunter

Bug hunter finds backdoor in Facebook left by another bug hunter

By

A series of bug bountiers have apparently open and closed a vulnerability in the social media giant, Facebook.

The 15 most successful ethical hackers worldwide

By

Not all hackers are evil, some of them do fight to keep the internet safe. Most of the good guys do it for the bounties offered by major brands and net companies.

Malwarebytes says sorry for multiple AV bugs, still unpatched

Malwarebytes says sorry for multiple AV bugs, still unpatched

By

Malwarebytes' CEO has apologised, and launched a bug bounty scheme, after Google Project Zero researchers exposed the latest in a long line of anti-virus product flaws.

Can bug bounties replace traditional web security?

Can bug bounties replace traditional web security?

Bug bounties may appear to be an attractive way to crowd-source security testers and only pay on results, but there may be serious pitfalls for your organisation's cyber-security, says Ilia Kolochenko.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US