Security News

LayerZero Labs has launched a bug bounty on the Immunefi platform that offers a maximum reward of $15 million for critical smart contract and blockchain vulnerabilities, a figure that sets a new record in the crypto space. Bug bounty programs are initiatives launched by businesses and software developers to reward security researchers for identifying and reporting bugs in their platforms.

Babuk therefore serves as a sort-of instruction manual that teaches would-be cybercrimals how to handle the "We can decrypt this but you can't, so pay us the blackmail money or you'll never see your data again" part of a ransomware attack. The US indictment explicitly accuses Matveev of two ransomware attacks in the State of New Jersey, and one in the District of Columbia.

A Russian national has been charged and indicted by the U.S. Department of Justice for launching ransomware attacks against "Thousands of victims" in the country and across the world. Mikhail Pavlovich Matveev, the 30-year-old individual in question, is alleged to be a "Central figure" in the development and deployment of LockBit, Babuk, and Hive ransomware variants since at least June 2020.

OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are "Safe and secure." Other prohibited categories are denial-of-service attacks, brute-forcing OpenAI APIs, and demonstrations that aim to destroy data or gain unauthorized access to sensitive information.

AI research company OpenAI announced today the launch of a new bug bounty program to allow registered security researchers to discover vulnerabilities in its product line and get paid for reporting them via the Bugcrowd crowdsourced security platform."The OpenAI Bug Bounty Program is a way for us to recognize and reward the valuable insights of security researchers who contribute to keeping our technology and company secure," OpenAI said.

QNAP Systems, the Taiwanese manufacturer of popular NAS and other on-premise storage, smart networking and video devices, has launched a bug bounty program. QNAP's NAS devices, in particular, have been getting hit in the last few years by information-stealing malware, bitcoin-mining malware, and ransomware, usually delivered by exploiting vulnerabilities.

Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty. The $10 million bonty is part of the US State Department's Rewards for Justice program, and in a Thursday tweet the agency sought tips for Hive members "Acting under the direction or control of a foreign government." The notice also referenced the FBI's Hive website takedown, which the feds announced earlier that day.

The U.S. Department of State today offered up to $10 million for information that could help link the Hive ransomware group with foreign governments. "If you have information that links Hive or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government, send us your tip via our Tor tip line. You could be eligible for a reward," the State Department's Rewards for Justice Twitter account said.

Are you experiencing slow bug bounty lead times, gaps in security skills, or low-quality reports from researchers? Intigriti's expert triage team and global community of ethical hackers are enabling businesses to protect themselves against every emerging cybersecurity threat. Join the likes of Intel, Yahoo, and Sixt who levelled up their security with Intigriti to enjoy higher quality bug bounty reports, faster lead times, and an intuitive platform.

In brief A security researcher whose Google Pixel battery died while sending a text is probably thankful for the interruption - powering it back up led to a discovery that netted him a $70,000 bounty from Google for a lock screen bypass bug. Hungarian security researcher David Schütz said in a blog post that he made the discovery when powering up his Pixel 6 and forgetting his SIM's PIN code, requiring him to dig out the Personal Unlocking Key, or PUK, that would allow him to reset the PIN. After a reboot, his phone repeatedly hung on a "Pixel is starting" screen.