Facebook-owner Meta to pay researchers for finding these vulnerabilities

Meta (formerly Facebook) has announced that it is expanding its bug bounty programme to start rewarding valid reports of scraping vulnerabilities across its platforms.

Under the programme, researchers will be rewarded for finding “unprotected or openly public databases containing at least 100,000 unique Meta user records with PII (personally identifiable information) or sensitive data.

The main goal of this programme is to find bugs that attackers are utilising to bypass scraping limitations in order to access data at a greater scale than is intended in its products.

“We know that automated activity designed to scrape people’s public and private data targets every website or service,” Meta says in its announcement. “We also know that it is a highly adversarial space where scrapers — be it malicious apps, websites, or scripts — constantly adapt their tactics to evade detection in response to the defences we build and improve.”

Financial rewards starting at $500 are on offer for scraping bugs and scraped database reports will be matched with charity donations.

The company said it will also contact hosting providers such as Amazon Web Services, Box, and Dropbox as appropriate to have the scraped information removed from their platforms.

Earlier this month, Meta increased the scope of Facebook Protect, a service designed to enhance the security of user accounts considered to be at higher risk.

Since the launch of its bug bounty program in 2011, Meta has paid more than $14 million in bug bounties and received more than 150,000 reports, of which more than 7,800 were awarded a bounty.

So far this year, the company awarded more than $2.3 million to researchers from 46 countries.

FacebookTwitterLinkedin


For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.