“Tasked to find exploits”
Social media firm Snapchat has rewarded researchers a group of researchers the prize of $20,000 for finding exposed Jenkins instances that allowed arbitrary code execution and provided access to sensitive data. About three months ago, Belgium-based researcher Preben Ver Eecke began to analyze Snapchat’s infrastructure when he discovered a production Jenkins instance that could be accessed with any valid Google account and gave access to sensitive user data or login credentials.
“Zeroday attack programs in high demand”
Demonstrating the sign of the soaring demand for zeroday attacks that target software that’s becoming increasingly secure, a market-leading broker is offering serious cash for weaponized exploits that work against specific companies. Among them include; Signal, WhatsApp, and other mobile apps that offer confidential messaging or privacy. Zerodium, the Washington, DC-based broker that launched in 2015, announced on Wednesday that it would pay $500,000 for fully functional attacks that work against Signal, WhatsApp, iMessage, Viber, WeChat, and Telegram.
Enjoy your read? Check out our other content here.