Connect with us
Researchers Accused Microsoft of Reducing Bug Bounty Amounts Researchers Accused Microsoft of Reducing Bug Bounty Amounts

Security

Researchers Accused Microsoft of Reducing Bug Bounty Amounts

Published

on

In some cases, the tech giant has reduced the remuneration tenfold or 90%.

A number of security researchers have accused Microsoft of reducing the amount of fees that the company pays for reporting vulnerabilities as part of its bug bounty program. Apparently, in some cases, the tech giant has reduced the remuneration tenfold or 90%.

As recently as last year, researcher Marcus Hutchins, also known as MalwareTech, reported on Twitter, that for the discovered vulnerability he received from the company only $ 1,000, although earlier the amount of remuneration for such vulnerabilities was $ 10,000.

Other researchers are posting similar complaints. For example, as a security researcher for Hyper-V virtualization under the alias rthhh17 recently reported, Microsoft estimated its vulnerability, which can be exploited from a guest machine, at only $ 5,000.

The most recent example of a disgruntled researcher is Abdelhamid Naseri, who posted a PoC code for an as-yet-unpatched Windows vulnerability in retaliation for Microsoft’s reduced bounty.

The current bug bounty pricing is as follows:

2.jpg

33.jpg

4.jpg

It is noteworthy that although rthhh received for its vulnerability of remote code execution in Hyper-V only $ 5 thousand, according to the Microsoft website, such vulnerabilities are estimated “up to $ 250 thousand.” In other words, the company has cut the remuneration amount by 80%.

Click to comment

Leave a Reply

Your email address will not be published.

Components

4 TB of security from Samsung. External SSD T7 Shield is now available in a new version for 420 euros

Published

on

4 TB of security from Samsung External SSD T7 Shield

Samsung has decided to release a new version of its secure external SSD T7 Shield.

4 TB of security from Samsung.  External SSD T7 Shield is now available in a new version for 420 euros

The device was introduced almost a year ago in 1 and 2 TB versions. Now, a 4 TB modification is entering the market.

In Europe, they ask for 420 euros for such an SSD. For comparison, the prices for the younger versions are 135 and 220 euros.

Recall, T7 Shield offers a good level of protection. There is also protection against water and moisture (IP65), and protection against falls from a height of up to 3 meters. Actually, since this is a solid state drive, it is likely that it will survive a much more serious fall.

The device is equipped with a USB-C 3.2 Gen 2 interface and offers read and write speeds of 1050 and 1000 MB/s, respectively. The device weighs only about 100 g.

Continue Reading

Security

ChatGPT can be used to write viruses and ransomware – this was confirmed by information security specialists

Published

on

ChatGPT can be used to write viruses and ransomware

Network resources reported that examples appeared on the network of how the popular chat bot ChatGPT writes code for viruses. Network security company Check Point Research discovered this and said that the use of AI increases the danger from hackers. On the thematic forums, the first information about the successful writing of viruses using ChatGPT has already appeared.

ChatGPT can be used to write viruses and ransomware - this was confirmed by information security specialists

One example was a program that, after refinement, can be turned into “extortionist”. It can encrypt data on the user’s PC and will require payment for decryption. In a more advanced version of the program, penetration into the target server is provided, from where hackers already gain access to all the data of the victim

In addition, the neural network can write phishing emails – this has already been checked by Check Point Research specialists themselves. The letter also contained an Excel file with an embedded macro that was launched when the file was opened.

However, this is not all. Experts were able to get AI to create scripts for scanning network ports and other tools.

At the same time, Check Point Research believes that it is too early to say that ChatGPT has become a new tool for hackers, but the attacker community has already become interested in it. Note that earlier the system was already able to pretend to be a Linux machine, as well as write a number of programs and websites.

Continue Reading

Security

“Germany has not taken seriously the security threat posed by China.” The country has increased dependence on Huawei

Published

on

Germany has not taken seriously the security threat posed by

Despite the huge number of sanctions imposed by the US and other countries against Huawei, Germany has only increased its dependence on this Chinese company.

Germany has not taken seriously the security threat posed by

According to a recent Strand Consult report cited by Reuters, Germany has become even more dependent on Huawei to build 5G infrastructure than it was when building 4G networks. More specifically, Huawei accounts for 59% of all 5G network equipment in Germany. We are talking about base stations and related equipment. For comparison, in the case of 4G networks, Huawei’s share in Germany is 57%. What’s interesting is the fact that Huawei’s share in this area is higher in Berlin than in Beijing, where the company faces serious competition from ZTE.

According to the report, there are signs that Germany has not taken seriously the security threat posed by China. At the same time, Huawei equipment is simply cheaper than analogues of European players in this market, which is why a number of countries, including Germany, continue to purchase Huawei products.

Continue Reading

Most Popular