
 

Facebook Doubles Advertising Bug Bounty


Facebook has doubled the bounty for security researchers who find bugs in Facebook's advertising code.

"We recently completed a comprehensive security audit of this area ourselves. We found and fixed a number of security bugs but would like to encourage additional scrutiny from Whitehats to see what we might have missed," said Collin Greene (Security Engineer at Facebook).

Some of the bugs the company has fixed:
  1. Redeeming the same ads coupon multiple times with expiry.
  2. Retrieving the name of an unpublished Page via the Ads create flow by guessing its Page ID.
  3. Arbitrary local file read via a .zip symlink.
  4. Injecting JavaScript into an ads report email and then leveraging a Cross Site Request Forgery (CSRF) bug to make a victim send a malicious email to a target on your behalf.

Greene said the payout levels will last until the end of the year.

Facebook also announced a new tool called Safety Check that allows users to check in and say whether they are safe during a disaster; it automatically publishes a story in your news feed.

Google recently tripled its bounty for researchers who find bugs in Google Chrome.
