Found 9 bookmarks
Custom sorting
Keeping GenAI technologies secure is a shared responsibility
Keeping GenAI technologies secure is a shared responsibility
Today, we are investing in the next generation of GenAI security with the 0Day Investigative Network (0Din) by Mozilla, a bug bounty program for large language models (LLMs) and other deep learning technologies. 0Din expands the scope to identify and fix GenAI security by delving beyond the application layer with a focus on emerging classes of vulnerabilities and weaknesses in these new generations of models.
#mozilla#EN#BugBounty#LLMs#0Din#GenAI
·blog.mozilla.org·
Keeping GenAI technologies secure is a shared responsibility
Google Paid Out $10 Million via Bug Bounty Programs in 2023
Google Paid Out $10 Million via Bug Bounty Programs in 2023
Google on Tuesday announced that it paid out a total of $10 million through its bug bounty programs in 2023, bringing the total amount awarded by the tech giant for vulnerabilities found in its products since 2010 to $59 million. The total paid out in 2023 is less than the $12 million handed out in 2022, but it’s still a significant amount. The money was earned last year by 632 researchers from 68 countries. The highest single reward was $113,337.
#securityweek#EN#2024#Google#bugbounty#2023#paid
·securityweek.com·
Google Paid Out $10 Million via Bug Bounty Programs in 2023
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | by Mukund Bhuva
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | by Mukund Bhuva
I began my search for opportunities and stumbled upon a list of eligible websites for bug hunting at https://gist.github.com/R0X4R/81e6c50c091a20b060afe5c259b58cfa. This list became my starting…
#mukundbhuva#EN#2024#redteam#howto#CVE-2022–24816#hack#bugbounty#Netherlands#hack-description
·medium.com·
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | by Mukund Bhuva
Google Online Security Blog: Expanding our exploit reward program to Chrome and Cloud
Google Online Security Blog: Expanding our exploit reward program to Chrome and Cloud
In 2020, we launched a novel format for our vulnerability reward program (VRP) with the kCTF VRP and its continuation kernelCTF. For the first time, security researchers could get bounties for n-day exploits even if they didn’t find the vulnerability themselves. This format proved valuable in improving our understanding of the most widely exploited parts of the linux kernel. Its success motivated us to expand it to new areas and we're now excited to announce that we're extending it to two new targets: v8CTF and kvmCTF.
#googleblog#EN#2023#exploit#reward#program#bugbounty
·security.googleblog.com·
Google Online Security Blog: Expanding our exploit reward program to Chrome and Cloud
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
n late November 2022, a few days after ETH Alumni launched their new feature “Who is who” which allows them to look up and connect to other members, I came across a severe access control vulnerability. Without any authorization over the internet, it allowed extracting at least 35418 member profiles, including full name, postal address, nationality, title, graduation field, study start year, gender, profile picture and hashed passwords.
#andreaskuster#EN#2023#ETHZ#Zurich#bugbounty#blog#vulnerability#disclosure#CH
·andreaskuster.ch·
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe.
#Google#reward#bugbounty#2021#vulnerabilities#data#report#EN
·security.googleblog.com·
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
n late November 2022, a few days after ETH Alumni launched their new feature “Who is who” which allows them to look up and connect to other members, I came across a severe access control vulnerability. Without any authorization over the internet, it allowed extracting at least 35418 member profiles, including full name, postal address, nationality, title, graduation field, study start year, gender, profile picture and hashed passwords.
#andreaskuster#EN#2023#ETHZ#Zurich#bugbounty#blog#vulnerability#disclosure#CH
·andreaskuster.ch·
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe.
#Google#reward#bugbounty#2021#vulnerabilities#data#report#EN
·security.googleblog.com·
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe.
#Google#reward#bugbounty#2021#vulnerabilities#data#report#EN
·security.googleblog.com·
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review