Bug bounties from Google and Facebook regularly clear thousands of dollars for a single, high-profile bug. Yahoo finally has joined the game, also for four figures — but with a different decimal place.
The security firm High Tech Bridge set out to see what Yahoo would pay for disclosing bugs discovered on its site, since the company hadn’t stated what they were worth but did say that it encouraged researchers to report bugs.
After reporting three cross-site scripting (XSS) vulnerabilities that could compromise a user’s account with what High Tech Bridge described as basic phishing techniques, Yahoo responded with its thanks within 48 hours. The research firm was rewarded with $12.50 per vulnerability, significantly lower than Facebook’s or Google’s lowest bounties, which come in at $500 and $100 for the lowest priority bugs, respectively.
SOURCE: news.cnet.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…