2 weeks Ago
Microsoft launches new bug bounty offer. With security threats increasingly powered by AI, from sophisticated Gmail attacks to malicious advertising accounts that can lead to search engine compromise , there’s no doubt that this is the new frontier of the cybersecurity badlands. The AI security threat runs deeper than these attack campaigns; dig under the surface, and you will find vulnerabilities waiting for cybercriminals to expose.
Microsoft is no stranger to vulnerabilities, it has to be said, but its bug bounty programs look to address the issue. The latest Microsoft bug bounty announcement targets AI hackers specifically, with rewards of up to $30,000 per vulnerability on offer to those hackers who can find and disclose them. Microsoft has added an AI bounty award category to its acclaimed vulnerability disclosure program that paid elite hackers a total of $16.
6 million during 2024 alone, and $60 million in total. The newly announced Microsoft Dynamics 365 and Power Platform Bounty Program is looking for both individuals and organizations to identify security vulnerabilities in specific Dynamics 365 and Power Platform applications. “Qualified submissions are eligible for bounty rewards of $500 to $30,000,” Microsoft said .
While Dynamics 365 covers a suite of what Microsoft described as “intelligent business applications” that are created to connect all parts of the business from customers to operations, Power Platform comprises applications to enable data analysis, process automation and the creation of “virtual agents to overcome business challenges. Microsoft said that it is looking for hackers to disclose security vulnerabilities that are rated as either important or critical, as defined by Microsoft’s own Vulnerability Severity Classification for AI Systems rather than the standard Common Vulnerabilities and Exposures, or CVE, rating system. When it comes to the vulnerabilities that are in scope, Microsoft said that AI integrations in PowerApps and model-driven applications are included.
For PowerApps, these are: Making applications through conversations. Copilot assistance for form filling in model-driven apps. For model-driven applications, these are: Copilot chat in model-driven applications.
Extend Copilot capabilities in finance and operations apps. Enable Copilot capabilities in finance and operations apps Hackers interested in earning some extra cash by finding AI vulnerabilities in these Microsoft products can find out more about signing up by referencing the announcement link already provided..
