1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Samsung is offering up to $1 million to anyone who can find secur

    From TechnologyDaily@1337:1/100 to All on Wed Aug 7 15:00:05 2024
    Samsung is offering up to $1 million to anyone who can find security flaws in its software

    Date:
    Wed, 07 Aug 2024 14:57:18 +0000

    Description:
    Big money can be won for finding any Samsung vulnerabilities, with the top rewards paying out $1,000,000.

    FULL STORY ======================================================================

    Samsung has launched a new bug-hunting bounty program to encourage reports on security vulnerabilities across its range of mobile devices.

    Rewards for local arbitrary execution are in the region of $300,000 while remote code execution (RCE) will see a reward of $1,000,000.

    The Important Scenario Vulnerability Program (ISVP) will have people
    searching for exploits related to device unlocking, data extraction, and device protection bypass. Money, money, money

    For Samsungs Rich OS, local code execution flaws will fetch $150,000 and RCEs hitting a maximum payout of $300,000. Reports of successful data extraction
    on the first unlock will see a reward of $400,000, which drops down to $200,000 if the extraction is achieved after the first unlock.

    The maximum rewards require the vulnerability to be persistent and 0-click. Other rewards with a lower payout include remote arbitrary application installation from an unofficial marketplace or attacker server which will see a $100,000 reward, and $60,000 if installed from the Galaxy Store.

    To qualify as a successful report, the vulnerabilities must be a buildable exploit that works without privileges consistently on Samsungs main device models running the latest security update.

    Samsung also revealed it paid out $827,925 as part of 2023s bug bounty program, with 113 security researchers participating in the Mobile Security Rewards Program. So far, all of Samsungs bug bounty programs since 2017 have paid out over $4.9m.

    Via BleepingComputer More from TechRadar Pro These are the best endpoint security tools around Dell prepares even more layoffs in latest large-scale job cuts Take a look at our guide to the best employee background checks



    ======================================================================
    Link to news story: https://www.techradar.com/pro/samsung-is-offering-up-to-dollar1-million-to-any one-who-can-find-security-flaws-in-its-software


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)