How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

<BVunI.221472$N_4.116999@fx36.iad>


https://www.novabbs.com/aus+uk/article-flat.php?id=589&group=uk.comp.sys.mac#589

Newsgroups: uk.comp.sys.mac
X-Mozilla-News-Host: news://news.eublocknews.com:119
From: Dav...@nomail.afraid.org (David Brooks)
Subject: How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
Gecko/20100101 Thunderbird/78.10.1
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
Lines: 38
X-Complaints-To: abuse@blocknews.net
NNTP-Posting-Date: Fri, 14 May 2021 13:28:01 UTC
Organization: blocknews - www.blocknews.net
Date: Fri, 14 May 2021 14:28:01 +0100
X-Received-Bytes: 2357
 by: David Brooks - Fri, 14 May 2021 13:28 UTC

Author:
Becky Bracken
May 14, 2021

Experts from Intel, GitHub and KnowBe4 weigh in on what you need to
succeed at security bug-hunting.

Zero-day disclosures, those known bugs without a fix, can have
potentially catastrophic results. One of the best ways to combat them is
by discovering them before the bad guys do.

Some of the biggest tech brands on the planet have been pummeled by a
rash of high-profile zero-day exploits. In the past handful of weeks,
Apple announced a patch for its MacOS bypass bug and rushed four
out-of-band fixes for zero-days under active attack; Chrome’s zero-day
was posted on Twitter in mid-April; and of course the Microsoft Exchange
zero-day attack is still fresh.

Threatpost invited zero-day experts to dig beyond the headlines,
including Katie Trimble-Noble, the former DHS official who runs Intel’s
bug-bounty program; Greg Ose, who runs GitHub’s bug-bounty program, and
James McQuiggan, a security awareness advocate for KnowBe4.

During the conversation, the panel discussed the lifecycle of a zero-day
vulnerability, the inner workings of bug-bounty programs and tips for
researchers looking to break into big-time bug hunting. They even threw
in a couple of predictions for good measure.

The entire conversation, on the Economics of 0-Day Disclosures: The
Good, Bad and Ugly, was recorded and can be viewed in its entirety
on-demand for free.

https://threatpost.com/how-to-bug-bounties/165657/

--
David B.

