DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Archive

How Google Rewards its Bounty Hunters

DigitalCIO Bureau by DigitalCIO Bureau
November 25, 2019
in Archive
0
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Recently, Google threw a challenge for bounty hunters to find exploits in Pixel Titan M chip. Read on to know more…

Google’s Android bounty program reward has just shot up. Recently, Google threw a challenge for bounty hunters to find exploits in Pixel Titan M chip. Google expects the bounty hunters to look for a full chain remote code execution exploit with persistence, which compromises Titan M on Pixel devices.

Google’s Bounty Program
Google’s bounty program was created in 2015 and until now, it has paid out over $4 million for more than 1,800 vulnerabilities reported since. The single highest reward, however, was over $200,000 in the current year. Google payouts totaled over $1.5 million during the last year.

Casey Ellis, founder and CTO of Bugcrowd, said Google’s bounty has risen because “the skills needed to find these types of vulnerabilities in Google devices are rare and often tied up in the offensive market.” “By upping the incentive to hackers, Google is making bug hunting for them more attractive, especially to those that might teeter the line between whitehat and blackhat,” Ellise told Silicon Angle.

Why the Challenge
Titan M, a custom-built security chip for Pixel 3, cordons off smartphone’s most sensitive data from its main processor in order to protect it against certain attacks. Titan M helps the bootloader — a piece of code that runs before any operating system runs (Android in this case) — ensure the right version of Android on the phone. It does it by saving the last known safe Android version while preventing bad actors from driving the device back to an older, which could be a potentially vulnerable version of Android.

The attacker cannot unlock the bootloader with Titan M in place. It also verifies the lock screen passcode and it is built with insider attack resistance to prevent tampering.

The Reward
In the recent announcement, Google declared that it will now offer significantly higher rewards through its Android Security Rewards program. If anyone manages to exploit its Titan M chip on Pixel devices, Google will reward up to over a million to the individual. Top reward will be up to $1 million for a Pixel Titan M exploit with full chain remote code execution and persistence on the device. There will also be a 50 percent bonus if the exploit chain works on developer preview versions of Android.

Further, white hat hackers can now earn up to $500,000 in several other categories such as for exfiltrating data secured by Titan M chip and $100,000 for lock screen bypass techniques.

Other Reward Programs
Zerodium, a leading exploit acquisition platform that claims to provide its services mainly to government organizations, is currently offering up to $2.5 million for an Android exploit chain with persistence and requires no clicks. It pays up to $2 million for an iOS exploit chain that requires one click and offers persistence on the device and $1 Million for chat app exploits affecting WhatsApp, iMessage, or SMS/MMS applications.

Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Barracuda Unveils AI-Powered Cybersecurity Platform BarracudaONE in India

by DigitalCIO Bureau
June 3, 2025
0

Barracuda Networks has unveiled the BarracudaONE AI-powered cybersecurity platform. BarracudaONE maximizes threat protection and cyber resilience by unifying layered security defenses and providing deep, intelligent threat detection and response for...

Read moreDetails

Check Point Acquires Veriti To Minimize Digital Vulnerabilities

by DigitalCIO Bureau
May 28, 2025
0
Check Point Acquires Veriti To Minimize Digital Vulnerabilities

Check Point Software Technologies has announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform. “The acquisition of Veriti...

Read moreDetails

Vats Srivatsan named Interim CEO of WatchGuard Technologies

by DigitalCIO Bureau
May 8, 2025
0
Vats Srivatsan named Interim CEO of WatchGuard Technologies

WatchGuard Technologies Chief Executive Officer (CEO) Prakash Panjwani will transition out of his operational role, continuing to serve on the Board of Directors and as a strategic advisor...

Read moreDetails

Google 2024 Ads Safety Report: AI plays key role in safer advertising ecosystem

by DigitalCIO Bureau
April 19, 2025
0
Google 2024 Ads Safety Report: AI plays key role in safer advertising ecosystem

Google has released its 2024 Ads Safety Report, demonstrating how it is using advanced AI technology to create a safe and responsible advertising ecosystem. A notable finding from...

Read moreDetails

Proofpoint Named a Leader in 2024 Gartner Magic Quadrant

by DigitalCIO Bureau
December 26, 2024
0
Proofpoint Named a Leader in 2024 Gartner Magic Quadrant

Proofpoint announced it has been named a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms. The Gartner Magic Quadrant for Secure Email Gateways was last published in...

Read moreDetails
Next Post

IceWarp Announces Strategic Partnership with Pentagon Systems

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Inspira Enterprise joins Nozomi Networks’ MSSP Elite Partners’ League

Honeywell Report Reveals “Silent Residency” Is Driving Escalating Cyber Threat for Industrial and Critical Infrastructure Facilities

May 6, 2024
GenAI Changing Organizations Priorities: Nutanix

GenAI Changing Organizations Priorities: Nutanix

February 6, 2025
Brillio Announces Investment by The Orogen Group

Brillio Announces Investment by The Orogen Group

September 6, 2023

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Dell Technologies Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud HCLTech Honeywell IBM Infographics Internet of Things (IoT) Kaspersky Microsoft Netskope NTT DATA Palo Alto Networks Panel Discussion Qlik Salesforce ServiceNow Sophos Tenable Veeam Veeam Software Vertiv Webinars Whitepaper Zscaler

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?