Latest


Microsoft awards $374,300 in bug bounties to secure Azure Sphere

  •   Wed, Oct 07 2020 11:12:34 AM

New Delhi, Oct 7 (IANS): Microsoft has awarded $374,300 in bug bounties to security researchers who spotted bugs in Azure Sphere which itself offers high-end security for Cloud-connected Internet of Things (IoT) devices.

During the three-month Azure Sphere Security Research Challenge (ASSRC), cyber security researchers surfaced 20 critical or important severity security vulnerabilities in Azure Sphere.

The Azure Sphere Security Research Challenge brought together 70 researchers from 21 countries to help secure Azure Sphere customers and expand Microsoft's partnerships with the global IoT security research community.

"Many of the vulnerabilities found during the research challenge were novel and high impact, and led to major security improvements for Azure Sphere in their 20.07, 20.08 and the latest 20.09 updates," Microsoft said in a statement on Tuesday.

The updates were automatically pushed to Azure Sphere devices that are connected to the internet to help secure Azure Sphere customers.

Security researchers from McAfee ATR and Cisco Talos reported high-impact bugs in Azure Sphere, "especially a full attack chain developed by McAfee ATR that exposed a weakness in the cloud and multiple weaknesses on the device including a previously unknown Linux kernel vulnerability".

Microsoft introduced two high-priority research scenarios focused on the core of the Azure Sphere OS with $100,000 awards, and six general scenarios focused on various levels of the Azure Sphere operating system (OS) with up to 20 per cent additional awards on top of the Azure Bounty Programme awards.

"We strongly believe that this challenge and upcoming expansions of the Azure Security Lab will help to continue to protect our cloud and Azure Sphere," Microsoft said.

In April 2018, Microsoft announced Azure Sphere to better secure the 41.6 billion IoT devices expected to be connected to the Internet by 2025.

This year, Microsoft announced six new bug bounty programmes and two new research grants, receiving 1,226 eligible vulnerability reports from 327 security researchers.
  

Top Stories

Dubai: Dr Ronald Colaco honoured with ‘Global Icon of Philanthropy’ Award

  •   21 hours ago    5

Leave a Comment

Title: Microsoft awards $374,300 in bug bounties to secure Azure Sphere



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like