Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Google Ups Bug Bounty Reward Amounts for Product Abuse Risks
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

5 years ago David Bisson
Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program.

On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for the purpose of preying upon users.

They also noted that bug bounty hunters could earn as much $5,000 for finding a Medium- to High-Impact flaw of the same threat category.

New Reward Amounts for Abuse Risks. (Source: Google Security)

Henson and Hupa explained that Google made this decision in response to ongoing fluidity within the information security space. As quoted on the Google Security Blog:

The technology (product and protection) is changing, the actors are changing, and the field is growing. Within this dynamic environment, we are particularly interested in research that protects users’ privacy, ensures the integrity of our technologies, as well as prevents financial fraud or other harms at scale.

The employees made the point that some things hadn’t changed, however. For instance, they emphasized that the bug bounty rewards still pertained to issues in which a malicious actor could potentially change a product’s code. Those awards did not include the removal of abusive content at the time when Henson and Hupa disclosed the above-mentioned changes.

Per these employees’ announcement, Google would reward all reports of product abuse submitted before September 1 using its old rewards scheme. It would use its new award framework for reports submitted on or after September 1.

Google had received more than 750 reports of previously unknown product abuse issues through its bug bounty program at the time of Henson and Hupa’s blog.

News of these increased reward amounts arrives approximately one year after Google expanded the scope of its Vulnerability Reward Program (VRP) to take product abuse risks into account.

The post ” Google Ups Bug Bounty Reward Amounts for Product Abuse Risks” appeared first on TripWire

Source:TripWire – David Bisson

Tags: Bug, Encryption, Google, High Severity, Medium Severity, Privacy, TripWire

Continue Reading

Previous Covid-19 Exposure Logging: Key Privacy Considerations
Next Newly-discovered KryptoCibule malware has been stealing and mining cryptocurrency since 2018

More Stories

  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

7 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

9 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

9 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

13 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach

Securing the Mid-Market Across the Complete Threat Lifecycle

13 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

16 hours ago [email protected] (The Hacker News)

Recent Posts

  • Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
  • OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
  • Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos
  • ⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
  • Securing the Mid-Market Across the Complete Threat Lifecycle

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT