Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Google Ups Bug Bounty Reward Amounts for Product Abuse Risks
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

6 years ago David Bisson
Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program.

On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for the purpose of preying upon users.

They also noted that bug bounty hunters could earn as much $5,000 for finding a Medium- to High-Impact flaw of the same threat category.

New Reward Amounts for Abuse Risks. (Source: Google Security)

Henson and Hupa explained that Google made this decision in response to ongoing fluidity within the information security space. As quoted on the Google Security Blog:

The technology (product and protection) is changing, the actors are changing, and the field is growing. Within this dynamic environment, we are particularly interested in research that protects users’ privacy, ensures the integrity of our technologies, as well as prevents financial fraud or other harms at scale.

The employees made the point that some things hadn’t changed, however. For instance, they emphasized that the bug bounty rewards still pertained to issues in which a malicious actor could potentially change a product’s code. Those awards did not include the removal of abusive content at the time when Henson and Hupa disclosed the above-mentioned changes.

Per these employees’ announcement, Google would reward all reports of product abuse submitted before September 1 using its old rewards scheme. It would use its new award framework for reports submitted on or after September 1.

Google had received more than 750 reports of previously unknown product abuse issues through its bug bounty program at the time of Henson and Hupa’s blog.

News of these increased reward amounts arrives approximately one year after Google expanded the scope of its Vulnerability Reward Program (VRP) to take product abuse risks into account.

The post ” Google Ups Bug Bounty Reward Amounts for Product Abuse Risks” appeared first on TripWire

Source:TripWire – David Bisson

Tags: Bug, Encryption, Google, High Severity, Medium Severity, Privacy, TripWire

Continue Reading

Previous Covid-19 Exposure Logging: Key Privacy Considerations
Next Newly-discovered KryptoCibule malware has been stealing and mining cryptocurrency since 2018

More Stories

  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

22 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

1 day ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

2 days ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

2 days ago [email protected] (The Hacker News)

Recent Posts

  • FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
  • Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
  • CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
  • Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
  • Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT