• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
meta expands bug bounty programme to cover data scraping

Meta expands bug bounty programme to cover data scraping

You are here: Home / General Cyber Security News / Meta expands bug bounty programme to cover data scraping
December 16, 2021

Meta has expanded its bug bounty programme to include flaws that guide to facts scraping in a transfer it really is describing as an marketplace-initially.

The programme will now cover databases scraping and also present benefits for scientists who can only clearly show novel approaches of scraping on its merchandise – the latter of which is a first-of-its-kind programme, in accordance to the freshly rebranded mum or dad business of Fb.

It will get started as a private programme only out there to Meta’s Gold+ HackerPlus security scientists – a title for scientists who have noted at least five valid bugs to the business – and will offer benefits to these who show how details scraping can be achieved, regardless of the degree of impact on the item.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Scientists can post procedures even if the info is community and Meta explained it’s especially looking for reports regarding logic bypass issues – flaws that permit obtain to information through unintended mechanisms.

Details scraping can be achieved working with specifically crafted scripts, often using the Python programming language, which are designed to raise the details from any specified web webpage. These scripts can be created to grab certain facts, depending on the concentrate on and the intent of the activity.

“We know that automated exercise designed to scrape people’s general public and private data targets each individual site or assistance,” claimed Meta in an announcement.

“We also know that it is a highly adversarial area wherever scrapers – be it malicious applications, web-sites or scripts – regularly adapt their techniques to evade detection in reaction to the defences we develop and strengthen. As component of our more substantial security tactic to make scraping tougher and a lot more costly for the attackers, today we are commencing to reward valid stories of scraping bugs in our system.”

The move comes far more than two a long time immediately after the firm formerly identified as Fb first determined an issue that authorized consumers to scrape knowledge of 533 million of its people. The info was leaked on-line, in entire, by a hacker before this 12 months after they ran an underground small business that saw individuals pay out small sums to entry and retrieve information these kinds of as users’ phone quantities.

Meta has stated it will also reward scientists who can demonstrate they can scrape datasets containing at minimum 100,000 Fb user records, beginning right now.

To be eligible for a reward, the dataset will have to be distinctive and unidentified to Meta, and incorporate individually identifiable information (PII) these types of as email addresses, phone numbers, physical addresses, or religious or political affiliations.

“If we ensure that person PII was scraped and is now readily available on-line on a non-Meta internet site, we will do the job to choose proper actions, which might include things like performing with the related entity to take away the dataset or trying to find authorized suggests to assist guarantee the issue is resolved,” the company said.

The most reward for the programme is not disclosed by Meta, but it claimed each thriving, suitable disclosure will be rewarded with the bare minimum amount of $500 (£376).

Databases scraping is usually bewildered with a knowledge breach and it signifies an interesting differentiation of the two conditions, inspite of the consequence largely staying the exact – consumer data falling into the palms of those with whom the consumer did not explicitly share.

Not like data breaches, which slide below the Personal computer Misuse Act, there is no particular law against data scraping in the UK. However, web-sites can take action from people if the data scraping benefits in an infringement of mental residence or breaches the site’s terms of assistance.


Some elements of this posting are sourced from:
www.itpro.co.uk

Previous Post: «australia and us sign cloud act data sharing deal to support Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
Next Post: The Guide to Automating Security Training for Lean Security Teams the guide to automating security training for lean security teams»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Publishes 5G Security Evaluation Process Plan
  • Twitter to Pay $150m Fine to Resolve Data Privacy Violations
  • Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel
  • Nearly 100,000 NPM Users’ Credentials Stolen in GitHub OAuth Breach
  • Russian Hackers Believed to Be Behind Leak of Hard Brexit Plans
  • The Myths of Ransomware Attacks and How To Mitigate Risk
  • Attackers Can Use Electromagnetic Signals to Control Touch Screens Remotely
  • UK Government Seeks Views to Bolster the Nation’s Data Security
  • Survey Evidences Leaders Lack Confidence in Cyber-Risk Management
  • CISA adds 41 vulnerabilities to catalog of exploited bugs

Copyright © TheCyberSecurity.News, All Rights Reserved.