After 2011, Facebook provides biggest bug bounty of $33.5K for Remote Code Execution flaw.

Facebook bounty

For finding a Remote Code Execution (RCE) vulnerability in Facebook a Brazillian pentester has been paid a bounty of $33.5k (approximately Rs.20,99,110/-) as a bounty. After 2001, this is the biggest bounty Facebook ever provided.

RCE's provide attackers the flexibility to access computers from afar and somebody who took advantage of this explicit vulnerability are allowed to scan discretional files on the online server, in line with a post. Facebook quickly applied a patch before addressing the problem on an even bigger scale.


Beware ANDROID USERS!!! Not safe any more -- First Android Bootkit identified

Mobile Virus

A particularly clever trojan has been discovered operating as a bootkit on more than 350,000 Android mobile devices, according to a Friday post by Russian anti-virus company Dr. Web. Good part is, India is not in the list of infected mobiles.

“To spread the trojan, which entered the Dr.Web virus database as Android.Oldboot.1.origin, attackers have used a very unusual technique, namely, placing one of the trojan components into the boot partition of the file system and modifying the [initialization] script which is responsible for the initialization of OS components,” according to the post.


Show off Your Security Skills: Win 2.7 Millions @ Google's PWNIUM 4 (3)

Google Hack

Building on the success of the last couple of years, Google plans to offer more than $2.7 million in potential rewards in the next iteration of its Pwnium hacking competition at this year’s CanSecWest conference in Vancouver.

The money that Google is putting up for new compromises of Chrome OS is far beyond what’s available at Pwn2Own or any of the other major contests and has attracted a small, but elite, group of contestants in past years. The company is promising rewards of as much as $150,000 plus some bonuses, paid at Google’s discretion, for especially innovative or serious exploits.


Page 2 of 3