Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Saturday February 01 2020, @10:27PM   Printer-friendly
from the how-much-is-it-worth-on-the-dark-web? dept.

Microsoft will now pay up to $20k for Xbox Live security exploits – TechCrunch:

Think you’ve found a glaring security hole in Xbox Live? Microsoft is interested.

The company announced a new bug bounty program today, focused specifically on its Xbox Live network and services. Depending on how serious the exploit is and how complete your report is, they’re paying up to $20,000.

Like most bug bounty programs, Microsoft is looking for pretty specific/serious security flaws here. Found a way to execute unauthorized code on Microsoft’s servers? They’ll pay for that. Keep getting disconnected from Live when you play as a certain legend in Apex? Not quite the kind of bug they’re looking for.

Microsoft also specifically rules out a few types of vulnerabilities as out-of-scope, including DDoS attacks, anything that involves phishing Microsoft employees or Xbox customers, or getting servers to cough up basic info like server name or internal IP. You can find the full breakdown here.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Funny) by barbara hudson on Sunday February 02 2020, @01:44AM

    by barbara hudson (6443) <barbara.Jane.hudson@icloud.com> on Sunday February 02 2020, @01:44AM (#952586) Journal

    I'm sure working exploits are worth far more on the open market. Think of all those credit cards registered to the boxes.

    That's like the guy who stood up in the movie theatre and said "I just lost my wallet with $100 in it. I'll pay a $20 reward. Immediately someone else said "I'll pay $40."

    Not like the guy who was crawling around on all 4s after the movie was over. The usher asked him what the problem was. "I'm looking for a caramel," "A caramel? Are you serious?" "Yes dammit - my teeth are in them."

    --
    SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
    Starting Score:    1  point
    Moderation   +1  
       Funny=1, Total=1
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3