Lumaktaw sa pangunahing content

Google to offer $200,000 for reporting bugs in Android

Google will pay hackers $200000 for finding bug in Android
The company has since a long time, had a bounty program wherein every individual that reports a zero day bug ( bug not previously known ) would get a monetary reward for their efforts. After the recent Judy & Fireball malware however, Google has upped the reward many times over.
Better safe than sorry
The upgrade in the bounty program should not come as a surprise to those aware of the recent malware attacks. Its been days since news of the Judy malware attack broke. For those unfamiliar with it, the attack consisted of a number of apps that existed on the Play Store which would install adware onto their user’s devices. There were reports that over 40 apps were infected with this malware – one that managed to get past Google’s malware filters and although Google did remove these apps from their Play Store, it is being reported that those 40 apps were cumulatively downloaded over 40 million times. With this in mind, it makes sense that Google would want to know and plug such loopholes quickly.
Google has been running the bounty program for around 2 years and is reported to have paid around $ 1.5 million in rewards. The monetary reward act as an incentive for researchers to find and report these bugs before cyber criminals can make use of them. While the amount can seem high, the potential financial loss if these bugs were used in attacks are incalculable and Google can certainly can’t afford them. Google apparently has now decided to utilize their deep pockets in making Android more secure by upping the bounty rewards.
Upgrades
The bounty system obviously has levels based on the seriousness of the bugs. The first level of reward for finding bugs that could allow an attacker to gain remote access to a device and use it to steal a user’s personal data was around $ 30,000 which will now be increased to $150,000 a 5X increase. The second level includes Verified Boot and Trust Zone bugs. Verified boot ensures that the phone’s software isn’t affected while Trust Zone covers security software, fingerprint scans, biometric data, system settings and more alike. The reward for these bugs was $50,000 which has now been upped to $200,000. A blog post was made in regards to these changes by the Android Security team,
“Rewards for a remote exploit chain or exploit leading to TrustZone or Verified Boot compromise increase from $50,000 to $200,000 – Rewards for a remote kernel exploit increase from $30,000 to $150,000.”

Recent attacks that might have inspired the upgrade
There were reports coming in recently that claimed in addition to the Judy malware we spoke about earlier, there was also another malware doing the rounds named Fireball. This malware also spread through apps and had amassed between 4.5 to 18 million downloads before they could be taken down.
Mga etiketa:

Mga Komento

Mag-post ng isang Komento

Any Comment's,Feedback or Suggestion Comment Here.

Mga sikat na post sa blog na ito

EARN BITCOIN

MALAKI NA HALAGA NG BITCOIN SA PHP KAYA EARN NA :) 1 BITCOIN = 500,000+Php HEY BTC AND SATOSHI EARNERS! HERE IS MY MOST TRUSTED, LEGIT SITE'S AND APP'S  TO EARN. 3 APP's FOR EARNING BITCOIN FREE 1,000 SATOSHI IF YOU USE MY CODE ' 2DVRYJ' >  https://play.google.com/store/apps/details?id=com.claimbitcoinnetwork.sst >  https://play.google.com/store/apps/details?id=com.claimbitcoinnetwork.wos >  https://play.google.com/store/apps/details?id=tech.jplabs.bitcoin EARN LOAD USING MESSENGER > m.me/neargroup?ref=R_II6ig1 FREE 300PHP UPON SIGN UP > https://affiliate.paysbook.co/auth/register?id=Mryosojmlf EARN BITCOIN,LITECOIN,DOGECOIN,DASH COIN MAIN SITE:  coinpot.co FAUCET SITE'S: > http://moonbit.co.in/?ref=8e315d2026b4 (BITCOIN) > http://moondoge.co.in/?ref=7d9dbc153226 (DOGECOIN) > http://moonliteco.in/?ref=7b7bb9509913 (LITECOIN) > http://moondash.co.in/?ref=87DACF2841DD (DASH) > http://moonb.ch/?ref=62497
24 na komento
Magbasa nang higit pa

Top 5 IT Security Certifications

Top 5 IT Security Certifications To Enhance Your Career While not having an IT security certification doesn’t disqualify you from getting a job offer or promotion, but prospective employers looking for industry-leading credentials look at it as one measure of qualifications and commitment to quality. As the market for information security talent heats up and the skills shortage continues, infosec experts who have the right combination of credentials and experience are in remarkably high demand. “A certification today is like a college degree,” says Grady Summers, America’s leader for information security program management services at Ernst & Young. “You may not hire a candidate just because they have one, but it is something that you come to expect in this field.” “There is no replacement for real-world experience,” Summers says. “However, certifications are important and have become de facto minimum criteria when screening resumes.” Here is a list of top five secur
Mag-post ng isang Komento
Magbasa nang higit pa

Hiniling daw ni Kitty Duterte sa Pangulo na ipatanggal ang K-12 program

Hiniling daw ni Kitty Duterte sa Pangulo na ipatanggal ang K-12 program Manila Philippines, Hiniling umano ni Presidential Daughter Kitty Duterte sa kanyang ama na si Pangulong Rodrigo Duterte na ipatanggal ang K-12 program sa paaralan. Alamin at panoorin ang buong report mula sa news5. Panoorin ang video: Payag ba kayo na tanggalin ang K-12 program?
1 komento
Magbasa nang higit pa