Scam of the day – November 5, 2017 – New Google bug bounty program

As I have reported to you for more than a year, various companies and even federal agencies, such as the Department of Defense, offer “bug bounties” to vetted hackers who are able to identify vulnerabilities in their software, web pages and computer networks. Google and Facebook have long made cash payments to independent hackers, sometimes called white hat hackers to distinguish them from the criminal black hat hackers, who identified vulnerabilities in their computer code. Generally, these bounties are between $500 and $15,000. Google has paid out millions of dollars in bug bounties since the program was started in 2010.

Now Google is offering a new bug bounty program focused on Android apps found in the Google Play Store. Google is also particularly interested in flaws that may be present in Dropbox, Duolingo, Snapchat, Tinder and Alibaba. The bounty is $1,000 for every flaw that meets Google’s criteria.

TIPS

This is a positive strategy for businesses and government to follow to enhance cybersecurity. As for us as individuals, the best things we can do to protect our cybersecurity are to keep our anti-virus and anti-malware software up to date on all of our electronic devices and to refrain from clicking on links or downloading attachments in all forms of electronic communication until we have absolutely confirmed that the communications are legitimate. Otherwise, the risk of downloading malware is too great.

Scam of the day – May 7, 2016 – Facebook pays $10,000 bounty to 10-year-old white hat hacker

I have reported a number of times about the “bug bounty” programs used by private companies such as Google and Facebook as well as, more recently, the Department of Defense, which is now offering a “bug bounty” to vetted hackers who are able to identify vulnerabilities in its web pages and computer networks. Private companies, such as Google and Facebook, have long made cash payments to independent hackers, sometimes called white hat hackers to distinguish them from the criminal black hat hackers, who identified vulnerabilities in their computer code. Generally, these bounties are between $500 and $15,000; however, Google has recently announced that it has doubled the reward that it will pay anyone who finds a flaw in the security of its Chromebook to $100,000. Google has paid out more than six million dollars in bug bounties since the program was started in 2010.

Now Facebook has announced that it has paid a $10,000 bounty to a ten-year-old boy from Finland who found a security flaw that enabled him to delete comments posted on Instagram accounts. The boy has become the youngest white hat hacker to ever receive a bounty from Facebook, which has paid 4.3 million dollars to white hat hackers through its bounty program.

TIPS

Bug bounties are a positive strategy for businesses and government to enhance cybersecurity. Although the ten-year-old white hat hacker used his talents for good, the fact that a ten-year-old boy has the technological sophistication to identify and exploit vulnerabilities in commonly used software programs must give us all a bit of concern. As for us as individuals, the best things we can do to protect our own cybersecurity are to keep our anti-virus and anti-malware software up to date on all of our electronic devices and to refrain from clicking on links or downloading attachments in all forms of electronic communication until we have absolutely confirmed that the communications are legitimate. Otherwise, the risk of downloading malware is too great.