Ransomware groups are now using bug bounty tactics
Some ransomware gangs are crowd-sourcing exploits and paying researchers for zero-days. It’s basically a black hat bug bounty program. Are we ready for this shift in the threat landscape?
Some ransomware gangs are crowd-sourcing exploits and paying researchers for zero-days. It’s basically a black hat bug bounty program. Are we ready for this shift in the threat landscape?
> Are we ready for this shift in the threat landscape?
Depends on how much your business pays for bug bounties, doesn't it?
I made a decision not to get involved in the dark side of the industry. You can end up like
https://en.wikipedia.org/wiki/Vardan_Kushnir
https://en.wikipedia.org/wiki/Davis_Wolfgang_Hawke
Even if you go the "ethical" route you can get sued and have your life made miserable. So I quit looking for security holes.