Google has announced to pay $1 million as the top award to security researchers who can find a unique bug in its Pixel series of smartphones that may compromise users' data.
Also Read :- Camera apps in Google, Samsung smartphones affected by an Android bug that turns phones into spying devices
There is an additional 50 percent bonus if a security researcher is able to find an exploit on "specific developer preview versions of Android", resulting in a prize of $1.5 million.
The Google Bug Bounty program will reward the top prize to someone who can break into Google's Titan M "secure element."
Also Read :- Google Maps’ latest update gives you greater control over your profile: How to update
Similar to Apple's "iPhone Secure Elementa, "Titan M" is a security chip that automatically scans hackers trying to load malware when an Android phone is turned on.
For the new reward category, Google is looking for "full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices."
"We will reward extra for a full exploit chain (typically multiple vulnerabilities chained together) that demonstrates arbitrary code execution, data exfiltration, or a lock screen bypass," said Google.
Also Read :- AMAZON, GOOGLE SMART SPEAKERS CAN BE HACKED BY LASER 'LIGHT COMMANDS': REPORT
When Google first introduced its bug bounty program for Android, the biggest bug bounty reward was $38,000.
Security researchers this week identified that camera in Google Pixel smartphones can easily spy on you.
According to Erez Yalon and Pedro Umbelino, security researchers at cybersecurity firm Checkmarx, they found that vulnerabilities impact the camera apps of smartphone vendors like Google Pixel and some Samsung devices in the Android ecosystem, presenting significant implications to hundreds-of-millions of smartphone users.
Also Read :- Project Silica: Microsoft archives, retrieves Superman movie on a Quartz glass
After a detailed analysis of the Google Camera app, the team found that by manipulating specific actions and intents, an attacker can control the app to take photos and/or record videos through a rogue application that has no permissions to do so.
Google has now matched Apple in rewarding bug hunters.
Apple is planning to supply special iPhones to security researchers to help them tackle malicious hackers before they trespass or damage systems and to discover flaws and vulnerabilities better.
Also Read :- Microsoft is Now an Android Phone Maker, And Thus it Has a Future in Smartphones
Researchers with a security research track record of high-quality systems on any platform are eligible to apply and they could end up earning a maximum payout of $1 million.
Apple launched its bug bounty program three years ago at the Black Hat conference and is now extending its use to cover macOS, Apple Watch, Apple TV, and more.
Software giant Microsoft has also announced its Azure Security Lab, intended to give experts a sandbox-like safe environment to test its Cloud security services better. The company also doubled the top Azure bug bounty reward for researchers to $40,000.
Also Read :- Windows 10 preview brings Android phone calls to your PC
Also Read :- Camera apps in Google, Samsung smartphones affected by an Android bug that turns phones into spying devices
There is an additional 50 percent bonus if a security researcher is able to find an exploit on "specific developer preview versions of Android", resulting in a prize of $1.5 million.
The Google Bug Bounty program will reward the top prize to someone who can break into Google's Titan M "secure element."
Also Read :- Google Maps’ latest update gives you greater control over your profile: How to update
Similar to Apple's "iPhone Secure Elementa, "Titan M" is a security chip that automatically scans hackers trying to load malware when an Android phone is turned on.
For the new reward category, Google is looking for "full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices."
"We will reward extra for a full exploit chain (typically multiple vulnerabilities chained together) that demonstrates arbitrary code execution, data exfiltration, or a lock screen bypass," said Google.
Also Read :- AMAZON, GOOGLE SMART SPEAKERS CAN BE HACKED BY LASER 'LIGHT COMMANDS': REPORT
When Google first introduced its bug bounty program for Android, the biggest bug bounty reward was $38,000.
Security researchers this week identified that camera in Google Pixel smartphones can easily spy on you.
According to Erez Yalon and Pedro Umbelino, security researchers at cybersecurity firm Checkmarx, they found that vulnerabilities impact the camera apps of smartphone vendors like Google Pixel and some Samsung devices in the Android ecosystem, presenting significant implications to hundreds-of-millions of smartphone users.
Also Read :- Project Silica: Microsoft archives, retrieves Superman movie on a Quartz glass
After a detailed analysis of the Google Camera app, the team found that by manipulating specific actions and intents, an attacker can control the app to take photos and/or record videos through a rogue application that has no permissions to do so.
Google has now matched Apple in rewarding bug hunters.
Apple is planning to supply special iPhones to security researchers to help them tackle malicious hackers before they trespass or damage systems and to discover flaws and vulnerabilities better.
Also Read :- Microsoft is Now an Android Phone Maker, And Thus it Has a Future in Smartphones
Researchers with a security research track record of high-quality systems on any platform are eligible to apply and they could end up earning a maximum payout of $1 million.
Apple launched its bug bounty program three years ago at the Black Hat conference and is now extending its use to cover macOS, Apple Watch, Apple TV, and more.
Software giant Microsoft has also announced its Azure Security Lab, intended to give experts a sandbox-like safe environment to test its Cloud security services better. The company also doubled the top Azure bug bounty reward for researchers to $40,000.
Also Read :- Windows 10 preview brings Android phone calls to your PC
Comments
Post a Comment