How do you keep enterprising hackers from unloading exploits into the wild? Microsoft has been paying bounties to researchers who find and disclose security issues for a while. Now, it's expanded the program. At Black Hat, the company announced that it will double the size of payments it makes in its Bounty for Defense program, and it'll also be expanding the Online Services Bug Bounty to new areas of eligibility.
Let's say an exploit has been discovered in the wild, and Microsoft has mitigated (or patched) that exploit. If you can get around that mitigation, you have a submission for the company's Mitigation Bypass program, which could net you up to $100,000. Ideas for defending against further hacking efforts are eligible for the Bounty for Defense program, which has its own $100,000 maximum payout. Submissions that offer both a mitigation bypass and a defensive idea would receive both bounties. These bounties are only good for attacks on the latest version of Windows, so those of you interested in submitting your brilliant ideas need to cover Windows 10.
The Online Service Bug Bounties program has been expanded to include Azure Active Directory and the Microsoft Account service, in addition to Office 365 and the other Azure services that were previously eligible. The bounty for online service bugs has also been raised temporarily, from its normal $500-$15,000 to a maximum payout of $30,000 until October 5. You better get—ehrm—cracking.
|Razer Electra V2 offers affordable immersion||0|
|Samsung 360 Round camera captures the world from all angles||6|
|National Seafood Bisque Day Shortbread||2|
|MSI GS63 Stealth laptop flies under the radar with a GTX 1050||4|
|Zotac GTX 1080 Ti ArcticStorm Mini proves that size doesn't matter||18|
|Aorus X9 packs two GTX 1070s in a slim chassis||11|
|ROG Strix X370-I and B350-I are itty-bitty boards for Ryzen builds||15|
|Qualcomm shows progress on 5G mobile broadband||21|
|Samsung foundry train stops at 8-nm LPP before heading to EUV||22|
|Honestly can't see the point of Vega64 for gamers. It's a power-hungry compute monster that barely outperforms Vega56 and no matter how much you overc...||+21|