TikTok launched a public bug bounty program


Source: Messagero

Chinese video-sharing social networking service TikTok announced this week the launch of a public bug bounty program in collaboration with HackerOne.

The popular Chinese video-sharing social networking service TikTok launched a public bug bounty program this week through the HackerOne platform.

White hat hackers are invited to report security flaws in TikTok websites, including several subdomains, and both Android and iOS apps.

The company is offering between $1,700 and $6,900 for high-severity flaws; the payout for a critical issue can go up to $14,800.

“We encourage security researchers to focus their efforts on finding security vulnerabilities demonstrating meaningful impact. Our rewards are based on severity per CVSS (the Common Vulnerability Scoring Standard),” reads the program description.

The idea of rewarding white hat hackers for reporting security flaws is not new for the Chinese firm, which claimed to have already paid out more than $40,000 through its bug bounty program.

The company has had a Vulnerability Reporting Policy and follows a Coordinated Disclosure Policy with a waiting period of 90 days from submission.

“This partnership will help us to gain insight from the world’s top security researchers, academic scholars and independent experts to better uncover potential threats and make our security defenses even stronger,” said Luna Wu of TikTok’s Global Security Team.


President Trump is trying to ban TikTok in the United States due to security and privacy concerns. TikTok has denied any accusation of sharing data with the Beijing government. TikTok confirmed that all US user data is stored in the US, with a backup in Singapore.

TikTok challenged the decision in a US court and the judge blocked the President’s request to ban the Chinese company in the country.

The US Government is putting pressure on TikTok’s parent firm ByteDance to sell its U.S. operations to an American company.


Pierluigi Paganini

(SecurityAffairs – hacking, TikTok)
