Bug Bounties

Google has moved to strengthen Kernel-based Virtual Machine hypervisor security with the introduction of the new kvmCTF vulnerability reward program, reports BleepingComputer.

Kraken Exchange’s CSO claims the researchers used its bug bounty program to extort the company.

Apple has rolled out security updates to address a zero-day vulnerability in the Safari web browser that was exploited during the recent Pwn2Own Vancouver hacking competition, BleepingComputer reports.

We already have bug bounties for web apps so it was only a matter of time before we would have bounties for AI-related bugs. Keith Hoodlet shares his experience winning first place in the DOD's inaugural AI bias bounty program. He explains how his education in psychology helped fill in the lack of resources in testing an AI's bias. Then we discuss ...

Casey recently was involved in an event that brought hackers and 5G technology together, tune-in to learn about the results and how we can use bug bounty programs to improve the security of "things". This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

Security Affairs reports that zero-day vulnerability research hub and acquisition platform Crowdfense has increased its exploit acquisition program to provide up to $30 million in total rewards, while expanding its scope to cover security issues impacting enterprise software, messengers, and Wi-Fi/baseband.

Major crowdsourced cybersecurity platform Bugcrowd has landed $102 million from a new funding round, bringing total investment to more than $180 million, reports TechCrunch.