Cybernews

Once upon an exploit: how fake audiobook led to Kindle takeover

A security analyst reveals how a fake audiobook could be used to take over Amazon’s Kindle, exposing user accounts and ...
Security Boulevard

Microsoft Expands its Bug Bounty Program to Include Third-Party Code

In a nod to the evolving threat landscape that comes with cloud computing and AI and the growing supply chain threats, Microsoft is broadening its bug bounty program to reward researchers who uncover ...

This Group Pays Bounties to Repair Broken Devices—Even If the Fix Breaks the Law

Fulu sets repair bounties on consumer products that employ sneaky features that limit user control. Just this week, it ...
CSO Online

Microsoft flips security script: ‘In scope by default’ makes all vulnerabilities fair game for bug bounties

The company’s new approach is that anything touching Microsoft services is eligible for a bug bounty, regardless of its ...

Microsoft bounty program now includes any flaw impacting its services

Microsoft now pays security researchers for finding critical vulnerabilities in any of its online services, regardless of whether the code was written by Microsoft or a third party.
Computer Weekly

Microsoft expands bug bounty scheme to include third-party software

The company is to offer bug bounty awards for people who report security vulnerabilities in third-party and open source ...