Cryptocurrency bridge Nomad recently lost nearly $200 million to a cyber attack. Now they are offering the threat actors a 90/10 split on the loot, in exchange for the return of 90% and no prosecution – Nomad will treat it as a bug bounty for finding the flaw. Nomad are referring to the threat …
Bug bounties being offered by the Pentagon
Bug bounties are a useful way for vendors – and now government departments – to engage with honest, white hat cyber security experts to test systems for flaws. DoD issues call for hackers to dig into networks – The Record by Recorded Future
Now the ransomware gangs are offering bug bounties
It is an accepted practice for software vendors to offer a bug bounty to people who discover a flaw in their software, and report it to them. The vendor can then, hopefully, fix the vulnerability before a threat actor can exploit it. Now the ransomware gangs are at it – …
Bug bounties are a vendor’s shortcut to software vulnerabilities – UPDATED 26 April 2022
This post was first published on 19 April 2022. Following up on the article below, here is a real-world example of bug bounties working to improve cybersecurity. The US Government’s Department of Homeland Security (DHS) worked with a group of cyber security analysts, who uncovered 122 vulnerabilities in the …
Azure flaw found, reported and fixed before it was exploited… probably
AutoWarp was discovered and reported by Orca Security to Microsoft, who patched it before its widespread exploitation. Microsoft Azure flaw allowed unauthorized account access • The Register. AutoWarp would have given unauthorised access to Azure Automation Services.