The Biggest Bounties Facebook, Microsoft and More Have Paid …

[ad_1]

Facebook awarded Russian security researcher Andrew Leonov $40,000 for finding a flaw in its photo editing software ImageMagick. The bug, which was originally discovered last year by Facebook’s security team, was temporarily patched up, but Leonov found a flaw in their handywork, making Facebook’s servers vulnerable to “remote code execution.”

While on the web, Leonov was presented with a “share on Facebook” pop-up box and he noticed that the page’s image failed to load properly. After some digging, he found that “Facebook had used a vulnerable ImageMagick library in its image converter,” reports Fortune.

Leonov then found a way to break through Facebook’s firewall with his own code, and afterwards reported the bug to the company. He was awarded the biggest bounty Facebook has ever given out, which he received through bug bounty startup Bugcrowd.

In 2014, Facebook paid Brazilian security researcher Reginaldo Silva $33,500 for reporting a major vulnerability that would have risked users’ login credentials. The bug was related to code used for the authentication system OpenID, which lets people use the same log-in credentials on various platforms. The glitch would have allowed hackers to access files and open network connections on Facebook’s servers. Today, Silva works as an engineer at Facebook.

[ad_2]
Source link

About Rev_Rod

Check Also

A Step-by-Step Guide to Responding to Allegations of Sexual …

[ad_1] We hear a lot these days about creating a “speak up” organizational culture, but …

Successful Leaders Share How to Get the Most Out of Networki…

[ad_1] Going to a big conference event can be intimidating – and overwhelming. There is …

How to Increase Customer Lifetime Value And Boost Profits…

[ad_1] It’s far less expensive for a business to retain customers than it is to …

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.