Today, we are extending support for mobile security keys for Facebook iOS/ Android users. Security keys help ensure that passwords aren’t the last line of defense between an attacker and your account. Learn more about security keys & how to use them here:
Meta is hosting its first ever European BountyConEDU in Spain for university students. Join us for a 3-day conference filled with workshops, a live hacking event w/ bounties & more!
Hope to see you there!
Sign up:
Deadline to register: December 31, 2021
6/ Thank you to everyone who has contributed to the Bug Bounty program over the years. This is just the beginning for Hacker Plus and we hope to continue to foster a strong and collaborative community. More here:
The latest of our static analysis tools - Mariana Trench. It’s open source and designed to detect and prevent security bugs in
#Android
and
#Java
applications, more here:
Mariana Trench is an open source static analyzer written to detect and prevent security issues in
#Android
and
#Java
applications. It can review large codebases, provide feedback to engineers, and detect bugs before they are introduced into a codebase.
We have seen reports of a hoax making its rounds claiming a fee will be required to use Facebook, and the only way to use Facebook for free is by spreading this rumor. This is false.
As we state in our Help Center,...
At Facebook, we’re here to help you connect with others -- and do it securely no matter where you are. Here are a few tips to stay secure while you
#StayAtHome
.
2/ Hacker Plus offers researchers additional bonuses, access to stress-test more soon-to-be released products and features, exclusive invites to our bug bounty events and more.
Today we’re sharing our coordinated vulnerability disclosure policy that codifies how we alert 3rd parties to potential security issues when we find them:
5/ We’re also graduating a tool, FBDL, out of beta that helps researchers quickly and easily set up bug reproduction steps using a standard bug description language:
1/ As our Bug Bounty Program approaches its 10th anniversary, we’re launching a loyalty program - Hacker Plus- to thank the talented security researchers who help us keep Facebook safe and secure:
4/ Researchers are also eligible to receive bonuses on top of a standard bounty award. Ex: researchers in our Bronze league will receive a 5% bonus on top of each bounty award and Diamond league members will earn a 20% bonus.
Tune into
@riskybusiness
to get an inside look into Facebook’s security model and how we managed the shift to WFH this year with FB SecEng leaders Pedro Canahuati and Chris Bream:
3/ Hacker Plus has five leagues, with Bronze as the entry-level tier and Diamond as the highest tier. Researchers have been placed into a league based on the cumulative quantity, score and signal-to-noise ratio of their bug submissions over the last 24 months.
CBS This Morning shed light on the Better Business Bureau's report of lottery and sweepstakes scams. If you see a scam on facebook, report it using our guidelines at...
Facebook just deleted almost 120 cybercrime groups from its platform, totaling ~300k members who promoted everything from spam & credit card from to DDoS services, tax refund fraud, 419 scams & account takeovers. The avg age of these groups was 2 years.