• Login
Fintedex — Business, Fincance & Investment News
  • Contact
  • Submit a News Releases
No Result
View All Result
  • Contact
  • Submit a News Releases
No Result
View All Result
Fintedex — Business, Fincance & Investment News
No Result
View All Result
Home Technology

Finding a Microsoft 365 bug is now more lucrative than ever

Timothy Wilson by Timothy Wilson
16.04.2022
in Technology
0
Finding a Microsoft 365 bug is now more lucrative than ever
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Security researchers and white hat hackers will now be able to earn even more when finding bugs in Microsoft 356, Dynamics 365 and Microsoft’s Power Platform.

In a new blog post, the Microsoft Security Response Center revealed that it is raising the maximum awards for high-impact security flaws reported to the Dynamics 365 and Power Platform Bounty Program as well as the M365 Bounty Program.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Now when a cross-tenant information disclosure bug is found in Dynamics 365 and Power Platform, bug hunters can earn up to $20k. Meanwhile, remote code execution through untrusted input bugs in Microsoft 365 will be worth an additional 30 percent, unauthorized cross-tenant and cross identity sensitive data leakage will be worth an extra 20 percent and “confused deputy” vulnerabilities will worth an additional 15 percent.

These new bounty awards are part of Microsoft’s “continued efforts to partner with the security research community” as part of the software giant’s holistic approach to defending against security threats.

Finding bugs in on-premise Exchange, SharePoint and Skype for Business

In addition to expanding its bug bounty rewards in Microsoft 365, Dynamics 365 and Power Platform, Microsoft also recently added on-premise Exchange, SharePoint and Skype for Business to its Applications and On-Premises Servers Bounty Program.

This expanded bug bounty program makes it possible for security researchers who find and report vulnerabilities that affect on-premises servers to earn rewards ranging from $500 all the way up to $26k. 

Read More

> 1Password ups maximum bug bounty

> Meta is getting serious about its bug bounty program

> Building the world’s largest bug bounty platform

It’s worth noting that “higher rewards are possible, at Microsoft’s sole discretion, based on the severity and impact of the vulnerability and the quality of the submission” according to a separate blog post from the Microsoft Security Response Center.

When it comes to the severity multiplier for these kinds of bugs, server-side request forgery bugs are worth an additional 20 percent in both Exchange and Sharepoint.

Security researchers and white hat hackers interested in learning more can find out all the details by visiting Microsoft’s Applications and On-Premises Servers Bounty Program page.

  • Protect your devices from all sorts of bugs with the best antivirus software

Via BleepingComputer


Previous Post

: White House says it will extend student-loan pause again before Aug. 31 or finalize plan by then on canceling student debt

Next Post

TSMC set to begin production on Apple’s 3nm chips in latter half of 2022

Related Posts

Some Windows updates might actually hurt your security
Technology

Some Windows updates might actually hurt your security

by Timothy Wilson
16.05.2022
Tech Moves: Longtime Microsoft leader James Phillips leaves Stripe; and more
Technology

Tech Moves: Longtime Microsoft leader James Phillips leaves Stripe; and more

by Timothy Wilson
16.05.2022
It looks like Apple WWDC 2022 will be in-person after all – for some
Technology

It looks like Apple WWDC 2022 will be in-person after all – for some

by Timothy Wilson
16.05.2022
Save up to $700 during Nolah Mattress’ Memorial Day Sale
Technology

Save up to $700 during Nolah Mattress’ Memorial Day Sale

by Timothy Wilson
16.05.2022
Report: Apple bringing USB-C to the iPhone but not the iPhone 14
Technology

Report: Apple bringing USB-C to the iPhone but not the iPhone 14

by Timothy Wilson
16.05.2022
Next Post
TSMC set to begin production on Apple’s 3nm chips in latter half of 2022

TSMC set to begin production on Apple’s 3nm chips in latter half of 2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Premium Content

Dow Jones Newswires: New Zealand to end isolation requirement for vaccinated travelers

28.02.2022
Your mechanical keyboard isn’t just annoying, it’s also a security risk

Your mechanical keyboard isn’t just annoying, it’s also a security risk

09.05.2022

Parag Khanna: «I Began to Call Singapore the Capital of Asia»

15.12.2021

Browse by Category

  • Business
  • Finance
  • Stock Market
  • Technology
  • Без рубрики

Browse by Tags

Europe Oleg Volin Russia Ukraine

Fintedex delivers real-time news about the financial industry: feature stories, industry developments, opinions plus the latest on people and trends.

Categories

  • Business
  • Finance
  • Stock Market
  • Technology
  • Без рубрики

Browse by Tag

Europe Oleg Volin Russia Ukraine

Recent Posts

  • The Location Guide, Filmmakers for Ukraine and EUFCN join forces for fundraiser at Cannes 2022
  • Free exchange: The world needs a new economic motor. Could India fit the bill?
  • Buttonwood: Why Italy’s borrowing costs are surging once again

© 2021 Fintedex.

No Result
View All Result
  • Contact
  • Submit a News Releases

© 2021 Fintedex.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?