fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Gives 50% Bonus to Android 13 Beta Bug Bounty Hunters

Google Gives 50% Bonus to Android 13 Beta Bug Bounty Hunters

Google has announced that all security researchers who report Android 13 Beta vulnerabilities through its Vulnerability Rewards Program (VRP) will get a 50% bonus on top of the standard reward until May 26th, 2022.

Bug hunters can get a maximum payout of $1.5 million for a full remote code execution exploit chain on the Titan M used in Google Pixel Phones running an Android 13 Beta build.

“Between April 26th, 2022 and May 26th, 2022 all security vulnerabilities that reproduce exclusively on Android 13 Beta 1 are eligible for a bonus 50% reward payout on top of the standard reward payout,” the company says on the Bug Hunters portal.

“Vulnerabilities must be exclusive to Android 13 and must not reproduce on any other version of Android.”

Google asked those who submit eligible vulnerabilities to include the phrase “Android 13 Beta” in the title of their reports to ensure that they’re correctly tagged for this payout bonus program.

Also Read: How can businesses protect their enterprise from Business Email Compromise (BEC) attacks?

The list of qualifying flaws includes those found in Android Open Source Project (AOSP) and other OS code, as well as OEM libraries and drivers code, system on chip (SoC), MicroController Unit (MCU), and any other software used by Android devices if they impact the security of Google devices and platforms.

Researchers are also eligible for extra rewards if they provide full exploit chains combining multiple security flaws and demonstrating arbitrary code execution, data exfiltration, or a lock screen bypass (achieved via software).

The final reward amount for all reported bugs is at the discretion of Google’s reward committee, and it depends on several factors, including (but not limited to) the availability of a buildable exploit, a detailed write-up, the attack vector, and the exploit’s reliability.

Also Read: 6 ways to recognize a potential phishing scam and what to do if you receive one

“Exploit chains found on specific developer preview versions of Android are eligible for up to an additional 50% reward bonus,” Google adds.

The maximum exploit reward for vulnerabilities allowing code execution reaches up to $1 million for Pixel Titan M bugs without considering the Android preview payout bonus.

Data exfiltration bugs can also earn researchers a reward of up to $500,000 for sensitive data secured by Pixel Titan M, while payouts for software-based lock screen bypasses can go up to $100,000.

Jan Keller, a Google VRP Technical Program Manager, revealed in July 2021 that Google has paid rewards to over 2,000 security researchers from 84 different countries for reporting over 11,000 bugs since launching its first VRP more than ten years ago.

In all, Google had paid over $29 million in bounty rewards since January 2010, when it launched the Chromium vulnerability reward program.

The company has awarded a record-breaking $8,700,000 in rewards in 2021, including a $157,000 payout for an exploit chain, the highest in Android VRP history.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us