The search giant boosted the maximum reward from $3,133 to $20,000, and added a $10,000 payment to the program.
The Vulnerability Reward Program (VRP) will now pay $20,000 for vulnerabilities that allow remote code execution against google.com, youtube.com and other core domains, as well as what the company called "highly sensitive services" such as its search site, Google Wallet, Gmail and Google Play.
Remote code flaws found in Google's Web apps will also be rewarded $20,000. Read more...
Microsoft upped the ante on Monday in its months-long battle against the Rustock botnet by posting a $250,000 reward for information that leads to the arrest and conviction of the hackers who controlled the malware.
It was the first time Microsoft used its malware bounty program since February 2009, when it offered the same amount for the people responsible for the fast-spreading Conficker worm.
Microsoft announced the reward early Monday in a blog written by Richard Boscovich, a senior attorney with the company's digital crimes unit. Microsoft also posted a reward document (PDF) that included an email address for tipsters. Read more...
Arik Hesseldahl, from New Enterprise, claims that Sony “hasn’t reached a final decision concerning whether it will offer a reward, and may decide not to do it at all, but the option is on the table.”
Apprehending the perpetrators who brought down Sony’s online PS3 service on April 18 and then caused Sony Online Entertainment network services to be taken offline on May 2 is a high priority for Sony, but offering a reward would suggest that it's no closer to tracking down the culprits, or that it needs stronger evidence from those in the know. A cash reward may well cause people close to the hackers to come forward.