Microsoft Offers Up To $30K For Teams Bugs

Microsoft announced that researchers may claim up to $30,000 in rewards by examining its Teams desktop application for security vulnerabilities, in a bid to show its dedication to securing user data, according to Threatpost. The new Apps Bounty Program will offer the maximum reward for discovery of “vulnerabilities that have the highest potential impact on customer privacy and security,” and lower rewards according to a five-tier system. The company will also offer between $500 and $15,000 for general bounties, while exceptional bug hunters may become eligible for entry into the yearly MSRC Most Valuable Security Researcher list or inclusion into Microsoft’s Researcher Recognition Program, said program manager Lynn Miyashita. Participants are to submit their uncovered online vulnerabilities through the Online Services Program. Microsoft’s Teams has recently been the target of phishing scams and a malware campaign using fake Teams updates, prompting the company to launch the program to garner brand support. A recent survey found that tech vendors who show a proactive approach to security, including hosting bug-bounty programs, are the preferred option for 75% of IT professionals.