Bug bounty hunter scores on Facebook and turns in another hacker

dell secureworks prices hacker keyboard 2 970x0
Facebook bug hunter finds another hacker's trail
While earning a $10,000 bounty, a penetration tester called Orange Tsai discovered another hacker’s backdoor already in place on a Facebook server, as reported by The Register. Orange Tsai turned in the other hacker’s mischief along with O.T.’s own success at cracking the server. Just another day in the life of professional bounty hacker.

Facebook’s bug bounty program pays rewards to anyone who finds and documents problems with its websites or systems. The rules for the program are detailed along with a long list of eligible websites, apps, and services. Fair game Facebook assets include Facebook.com, Instagram.com, and Oculus.com. WhatsApp, LiveRail, and Atlas aren’t included, so if you’re hacking for a bounty, hack elsewhere.

Orange Tsai works for Taiwan-based Devcore and published the full details of the hunt on a company blog. O.T. hacked into a Facebook staff server. Once inside, O.T. found a backdoor left by another hacker, along with code that could exploit Facebook staff credentials.

Orange Tsai reported the other hacker’s access when turning in his own bug report. After researching the reports, Facebook security engineer Reginaldo Silva discovered they already knew of the other hacker. That person is also part of their bug hunt program.

“We determined that the activity Orange detected was in fact from another researcher who participates in our bounty program. Neither of them were (sic) able to compromise other parts of our infrastructure, so the way we see it, it’s a double win: two competent researchers assessed the system, one of them reported what he found to us and got a good bounty, none of them were able to escalate access,” said Silva.

So Orange Tsai was paid for breaking into the Facebook server and also recognized for finding bug hunter tracks. In addition the money, Facebook recognized Orange Tsai on its official bug hunt thank you list.

Computing

500px reveals almost 15 million users are caught up in security breach

Almost 15 million members of portfolio website 500px have been caught up in a security breach. The hack occurred in 2018 but was only discovered last week. Users are being told to change their 500px password as soon as possible.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Home Theater

Cutting the cord? Let us help you find the best service for live TV streaming

There's a long list of live TV streaming services available to help you cut the cord and replace your traditional TV subscription. Each is different in important ways, and this guide will help you find the best one for you.
Mobile

Samsung teases it will reveal its foldable phone during the Galaxy S10 event

Samsung has been showcasing bendable display tech for a few years and now a folding smartphone might finally arrive. The Galaxy X, or perhaps the Galaxy Fold, may be the company's first example. Here's everything we know about it.
Social Media

‘Instagram egg’ embarks on a new adventure as man behind it is unmasked

The Instagram egg made global headlines recently after it became the most-liked post on the photo-sharing app. The person behind the account has now been revealed, as has his reason for choosing an egg for the stunt.
Social Media

Periscope tool adds guests to feeds so streamers can become talk show hosts

Periscope users can now invite viewers to chime into the conversation with more than just the comment tool. By enabling the option to add guests, livestreamers can add guests to the conversation, in audio format only.
Photography

Crouching, climbing, and creeping, the perfect Instagram shot knows no bounds

Just how far will you go for the perfect Instagram? A recent survey shows just how willing Instagram users -- and Instagram husbands -- are to climb, lie down, embarrass themselves or let their food go cold for the perfect shot.
Social Media

Facebook’s long-promised ‘unsend’ feature arrives. Here’s how to use it

Send a message to the wrong person? Messenger now gives you 10 minutes to take it back. After an update beginning to roll out today, users can now retract messages if they act within the first 10 minutes after sending the message.
Social Media

YouTube boss admits even her own kids gave the ‘Rewind’ video a thumbs down

YouTube's 2018 Rewind video went down like a lead balloon at the end of last year, becoming the most disliked video in its history. And now YouTube's CEO has admitted that even her own kids thought it was pretty darn awful.
Social Media

Snapchat finally recovers from its redesign — so here comes an Android update

Snapchat's drop in users after launching a controversial redesign has finally stagnated. During the fourth quarter and 2018 earnings report, Snapchat shared that the company is rolling out an Android update designed to increase performance.
Social Media

Skype’s new ‘blur background’ feature could help keep you from blushing

Skype's latest feature for desktop lets you blur your background during video calls. The idea is that it keeps you as the focus instead of distracting others with whatever embarrassing things you might have on show behind you.
Social Media

Twitter users are declining but more people are seeing ads every day

Twitter's end-of-the-year report for 2018 is a mix of good and bad news. The good news is that more users are seeing adds daily, the metric the company will focus on moving forward. But the bad news is that monthly active users are…
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Computing

YouTube beats Apple, Netflix as the most trusted brand by millennials

The popular video sharing website YouTube climbed up in an annual Mblm study, moving up from third place in 2018 and coming ahead of both Apple and Netflix in final 2019 rankings.