Facebook Pays Security Researcher $40,000

Facebook is one of the best-known social networking websites, providing a platform both for home users and for commercial purposes; many companies can be found on Facebook doing social media marketing. Facebook has faced, and is still facing, various challenges around security and privacy.

Facebook has many adversaries; Anonymous, for example, has announced an attack on Facebook. Besides this, Facebook is vulnerable to XSS and XSSF attacks.

At the end of July, Facebook announced that it would pay security researchers who find vulnerabilities on Facebook.
Facebook said that it will now pay a $500 bounty for reports of vulnerabilities in the social networking service.

Now a recent report claims that Facebook has, over the course of three weeks, paid out more than $40,000 for reports of vulnerabilities in the social networking service. According to the official blog note, one person has already received more than $7,000 for six different issues flagged. It has been a joy to engage in dialogue about issues and hear from the diverse perspectives these people bring.

The following bugs aren’t eligible for a bounty (and we don’t recommend testing for these):

  • Security bugs in third-party applications (e.g., http://apps.facebook.com/[app_name])
  • Security bugs in third-party websites that integrate with Facebook
  • Security bugs in Facebook’s corporate infrastructure
  • Denial of Service Vulnerabilities
  • Spam or Social Engineering techniques

So if you want to earn some money, you should try this: if you have the skills, try to find vulnerabilities on Facebook and earn a handsome amount of money. There are some rules and regulations that you have to follow.


Ehacking Staff