A security vulnerability in the Facebook design (FB5) could have allowed attackers to remove any photo from profiles of the users.
The security expert Philippe Harewood is one of the security researchers that received early access by Facebook to the new FB5 design and discovered an important design flaw.
Harewood explained that the issue affects the GraphQL that is a feature implemented in the new design to remove profile pictures from Facebook fan pages. The design vulnerability could be abused by attackers to delete photos from the profiles of the user
The researcher also published a proof-of-concept (PoC) code that allowed him to remove the profile photo from any targeted user’s account.
Harewood pointed out that the original photo removed exploiting the flaw was still available, this means that a user is able to set the profile picture back to the original in
Facebook acknowledged the vulnerability and awarded the researcher a $2,500 as part of its bug bounty program.
“We recently ran a similar program where we granted a select group of researchers early access to FB5, the new design for Facebook we announced at our F8 conference. One of these researchers, Philippe Harewood, identified a bug in the new interface that could have allowed someone to remove another person’s profile photo. If this bug was exploited, a person’s profile photo would appear blank.” reads a post published by Facebook. “However, the photo would still be saved in the person’s account and available to upload. We thank Philippe for sharing this bug so we could fix it before FB5 rolls out worldwide. You can read more about his finding here.”
Facebook also announced that it is expanding its Data Abuse Bounty program to include Instagram. The social network giant will launch an
“Checkout on Instagram allows people to purchase products directly on Instagram without leaving the app. To continue to ensure this feature’s security as we expand globally, we’ve invited a select group of security researchers to stress test it.” concludes Facebook.
“We are exploring other opportunities to tap into the expertise of researchers who consistently submit high-quality research to our bug bounty program and invite them to test new features prior to launch.”
(SecurityAffairs – Facebook, bug bounty)
The post Flaw in New Facebook Design Allowed Removal of Profile Photos appeared first on Security Affairs.
At the Blackhat
cybersecurity conference, Apple has announced a few major changes to its bug bounty program that will be open to any researcher.
The most striking change is related to the payout for the rewards, the
Apple will pay up to $1 million reward for a zero-click kernel code execution vulnerability zero user clicks, that could be exploited by an attacker to take over a device.
On top of the maximum reward of $1 million, the tech giant announced it will also offer a supplementary bonus of 50% to those experts who report security issues in beta version software before its public release.
Another novelty is represented by the extent of the bug bounty program to all the operating systems developed by the company, including macOS, watchOS, tvOS, iPadOS, and iCloud.
Until now Apple’s bug bounty program only covered vulnerabilities in the iOS mobile operating system.
The tech giant also announced that starting from the next year will also provide pre-jailbroken iPhones to a selected number of trusted white-hat hackers under its iOS Security Research Device Program.
“What makes these iPhones special? One source with knowledge of the Apple announcement said they would essentially be “dev devices.” Think of them as iPhones that allow the user to do a lot more than they could on a traditionally locked-down iPhone. For instance, it should be possible to probe pieces of the Apple operating system that aren’t easily accessible on a commercial iPhone.” wrote Thomas Brewster on Forbes. “In particular, the special devices could allow hackers to stop the
Apple’s decision to extend the bug bounty program and increase the rewards is very important. Let’s consider that since now the best way to earn money for a bug hunter was to sell the exploits to zero-day broker firms like Zerodium. These companies historically offered greater rewards for working zero-day exploits for popular software like iOS and the Tor Browser.
The post Apple announces major changes to its bug bounty program, including higher rewards appeared first on Security Affairs.
Three years ago at the Black Hat conference, Apple announced its first bug bounty program, which was invite-only and limited to iOS. At this year’s edition of the con, Ivan Krstić, Apple’s head of security engineering and architecture, announced changes to it. Wider scope, higher bug bounties Starting this fall, the program will be open to all researchers. Apple Bug Bounty. pic.twitter.com/jyD9UwU9pI — mikeb (@mikebdotorg) August 8, 2019 The bug bounty program has been widened … More
The post Apple expands bug bounty program, opens it to all researchers, raises rewards appeared first on Help Net Security.
Apple announced that it will be expanding the scope of its bug bounty program and increasing its maximum possible reward payout to $1 million. Ivan Krstić, Apple’s head of security engineering, made the announcement during a presentation on iOS and macOS security at Black Hat USA 2019. He revealed that Apple’s bug bounty program will […]… Read More
The post Apple Increases Maximum Bug Bounty Program Payout to $1M appeared first on The State of Security.
American multinational conglomerate holding company AT&T has announced the launch of its public bug bounty program on HackerOne. Revealed on 6 August, the new program will award security researchers who submit reports on eligible vulnerabilities that affect AT&T’s websites, mobile apps, devices and exposed APIs. In-scope flaws include weaknesses that affect the confidentiality or integrity […]… Read More
The post AT&T Announces Launch of Public Bug Bounty Program appeared first on The State of Security.
Microsoft has some very good news for bug hunters: not only has the company doubled the top bounty reward for vulnerabilities discovered in its Azure cloud computing service, but has also created an isolated testing environment that will allow researchers to try to exploit them. The Azure Security Lab “The Azure Security Lab is a set of dedicated cloud hosts for security researchers to test attacks against IaaS scenarios, and which is isolated from Azure … More
The post Microsoft sets up isolated environment for bug hunters to test attacks against Azure appeared first on Help Net Security.
Bug hunters searching for security flaws in Google’s offerings are now vying for higher bounties. Microsoft has launched a new bug bounty program. Google’s changes Since 2010, when Google started the Chrome Vulnerability Reward Program to reward security researchers who invest their time and effort to discover bugs in Chrome and Chrome OS, the company has raised the offered bounty amounts a number of times. Nine years ago, the rewards ranged from $500 to $1337 … More
The post Google increases bounties for Chrome, Google Play bugs appeared first on Help Net Security.