AV developer Avast starts bug bounty program
Posted on 28 January 2013.
Avast, the Prague-based maker of the popular eponymous AV software, has announced the introduction of a bug bounty program.

Rewards are offered only for security-related bugs in the software - information about UI, localization, bugs in the company's website, and similar is, of course, welcome, but researchers will not be paid for it.

Researchers are urged to search for bugs in the latest shipping versions of Avast Free Antivirus, Avast Pro Antivirus, and Avast Internet Security.

The company is interested in receiving information about remote code execution and local privilege escalation bugs, DoS vulnerabilities, bugs that allow attackers to bypass or escape the avast! Sandbox, clear scanner bypasses, and other bugs with serious security implications - but only in Avast itself (not, for example, in a Microsoft library).

Researchers can earn themselves as little as $200 per bug, but can also be awarded $3,000 or more for remote code execution bugs.

Submitted bug reports should contain sufficient information for the company to reliably reproduce the bug, and should be sent to bugs@avast.com. For more details about the program, go here.

"As a security company, we very much realize that security bugs in software are reality. But we also realize that companies that are able to use their user communities to find and fix bugs are generally more successful that those that donít. Therefore, we have decided to reward individuals who help us find and fix security-related bugs in our own software," Avast commented the introduction of the program.






Spotlight

Almost 1 in 10 Android apps are now malware

Posted on 28 July 2014.  |  Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses. This is a 153% increase from the number of infected files in 2013.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //