{"id":46249,"date":"2022-04-18T18:12:13","date_gmt":"2022-04-18T18:12:13","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/"},"modified":"2022-04-18T18:12:13","modified_gmt":"2022-04-18T18:12:13","slug":"microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/","title":{"rendered":"Microsoft ups bug bounties 30% for cloud lines, pays more for &#8216;scenario-based&#8217; exploits"},"content":{"rendered":"<p><span class=\"label\">In Brief<\/span> Microsoft will pay more \u2014&nbsp;up to $26,000 more \u2014 for &#8220;high-impact&#8221; bugs in its Office 365 products via its bug bounty program.<\/p>\n<p>The new &#8220;scenario-based&#8221; payouts to the <a href=\"https:\/\/www.microsoft.com\/en-us\/msrc\/bounty-dynamics\" rel=\"nofollow\">Dynamics 365 and Power Platform Bounty Program<\/a> and <a href=\"https:\/\/www.microsoft.com\/en-us\/msrc\/bounty-online-services\" rel=\"nofollow\">M365 Bounty Program<\/a> aim to incentivize bug hunters to focus on finding vulnerabilities with &#8220;the highest potential impact on customer privacy and security,&#8221; Microsoft <a href=\"https:\/\/msrc-blog.microsoft.com\/2022\/04\/14\/expanding-high-impact-scenario-awards-for-microsoft-bug-bounty-programs\/\" rel=\"nofollow\">said<\/a> late last week.<\/p>\n<p>Awards will increase as much as 30 percent in some cases, according to the Redmond software goliath.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>For example: discovering a remote code execution (RCE) vuln exploitable from untrusted input \u2014 this is what Mitre deems <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/94.html\" rel=\"nofollow\">CWE-94<\/a>, or a code-injection weakness \u2014 would be eligible for a 30 percent bonus on top of the existing M365 bounty award. Same for finding a vuln that <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/502.html\" rel=\"nofollow\">deserializes untrusted data<\/a>, also leading to potential RCE.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Microsoft made a similar move with its Azure bug bounty program in the fall and now pays <a href=\"https:\/\/msrc-blog.microsoft.com\/2021\/10\/18\/new-high-impact-scenarios-and-awards-for-the-azure-bounty-program\/\" rel=\"nofollow\">up to $60,000<\/a> for high-impact cloud vulnerabilities.<\/p>\n<p>And considering the <a href=\"https:\/\/www.theregister.com\/2022\/04\/13\/microsoft_patch_tuesday\/\">massive Patch Tuesday<\/a> earlier this week, it&#8217;s tough to argue against bigger awards to catch critical security flaws before the criminals do.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>During Microsoft&#8217;s April monthly patching bonanza, the software giant addressed more than 100 vulnerabilities including ten critical RCEs. One of the bugs was already under attack, and a second had its exploit publicly disclosed before Patch Tuesday; Microsoft says no malicious exploitation has happened with that latter programming blunder \u2026 yet.<\/p>\n<h3 class=\"crosshead\"> <span>HP fixes critical Teradici PCoIP bugs<\/span><br \/>\n<\/h3>\n<p>HP issued two security alerts covering ten vulnerabilities in its Teradici PCoIP product, with three bugs receiving a 9.8 &#8220;critical&#8221; severity score. Teradici, which <a href=\"https:\/\/www.theregister.com\/2021\/07\/30\/hp_inc_acquires_teradici\/\">HP acquired<\/a> last year, created a PC-over-IP remote desktop protocol, which has more than 15 million endpoints deployed globally, according to HP.&nbsp;<\/p>\n<p>These include government agencies, media companies, production studios, and financial institutions \u2014 in other words, these bugs could do some serious damage if cybercriminals exploit them before organizations patch the holes.<\/p>\n<p>In addition to the <a href=\"https:\/\/support.hp.com\/us-en\/document\/ish_6052753-6052783-16\/hpsbhf03750\" rel=\"nofollow\">three critical vulns<\/a>, five others are considered &#8220;high&#8221; severity, scoring between 8.8 and 7.7, and one <a href=\"https:\/\/support.hp.com\/us-en\/document\/ish_6052720-6052798-16\/hpsbhf03784\" rel=\"nofollow\">medium at 5.9<\/a>.<\/p>\n<p>Eight of the vulnerabilities, including the three critical ones (<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22822\" rel=\"nofollow\">CVE-2022-22822<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22823\" rel=\"nofollow\">CVE-2022-22823<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-22824\" rel=\"nofollow\">CVE-2022-22824<\/a>) stem from now-patched bugs in the open-source <a href=\"https:\/\/www.openwall.com\/lists\/oss-security\/2022\/01\/17\/3\" rel=\"nofollow\">libexpat<\/a> XML parser library on Windows, macOS, and Linux.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The security impact, according to HP, involves &#8220;potential uncontrolled resource consumption due to an unrestricted size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended&#8221; and &#8220;potential integer overflow error that can introduce weaknesses when the calculation is used for resource management or execution control.&#8221;<\/p>\n<h3 class=\"crosshead\"> <span>Is Karakurt a Conti side hustle?<\/span><br \/>\n<\/h3>\n<p>Karakurt, an cyber-extortion gang named after the highly venomous widow spider, is likely linked to the notorious Conti ransomware group, according to analysis.<\/p>\n<p>This data-theft-and-extortion crew emerged from the dark underside of the internet last summer. Since its first-observed attacks in August, Karakurt has infiltrated more than 70 organizations across multiple industries in at least eight countries, according to Tetra Defense, an incident response team that SecOps provider Arctic Wolf acquired in February.<\/p>\n<p>Rather than just encrypting files and demanding payment for a decryption key, Karakurt takes the more modern approach of engaging &#8220;in extortion by stealing and threatening to release data without any attempt to encrypt,&#8221; Tetra Defense noted.<\/p>\n<p>In <a href=\"https:\/\/arcticwolf.com\/resources\/blog\/karakurt-web#_ftn1\" rel=\"nofollow\">research<\/a> published on Friday by the biz, in partnership with blockchain firm Chainalysis and threat intel company Northwave, the IR firm detailed being called in to work with a customer seemingly hit by the Karakurt crooks.<\/p>\n<p>This client had previously been a Conti victim and had paid the ransom. In this second attack, however, the company received a note saying sensitive data had been stolen and demanding that they pay up \u2014&nbsp;and no encryption occurred.&nbsp;<\/p>\n<p>Investigators noted that the second extortion gang used the exact same Cobalt Strike backdoor that Conti had used to access the victim&#8217;s network. This means the second intruder had access to the Conti Cobalt Strike to use its persistence mechanism. &#8220;Such access could only be obtained through some sort of purchase, relationship, or surreptitiously gaining access to Conti group infrastructure,&#8221; the threat researchers explained.<\/p>\n<p>After conducting further analysis, and responding to more than a dozen Karakut heists, the white-hat team said they have a &#8220;high degree of confidence that the Karakurt extortion group is operationally linked&#8221; to Conti.&nbsp;The security shops also linked Karakut to the Diavol ransomware group.&nbsp;<\/p>\n<p>Other indicators include a common point of initial intrusion for Karakurt and Conti attacks (Fortinet SSL VPNs), and overlapping tools used for exfiltration: &#8220;a unique adversary choice to create and leave behind a file listing of exfiltrated data named &#8220;file-tree.txt&#8221; in the victim&#8217;s environment as well as the repeated use of the same attacker hostname when remotely accessing victims&#8217; networks.&#8221;<\/p>\n<p>Tetra Defense then called in Chainalysis, which helped analyze cryptocurrency transactions carried out by Conti and Karakurt and did, indeed, find a financial connection between the two.&nbsp;<\/p>\n<h3 class=\"crosshead\"> <span>Free info-stealing malware set loose<\/span><br \/>\n<\/h3>\n<p>A new information stealer dubbed ZingoStealer has been set loose on Telegram and Discord, and is being used by multiple cyber-criminals, according to Cisco Talos.<\/p>\n<p>The threat intel team discovered the information-stealing Windows malware last month. Now, a criminal group called the Haskers Gang is releasing ZingoStealer for free and using platforms like Telegram and Discord to &#8220;distribute updates, share tooling and otherwise coordinate activities,&#8221; Cisco&#8217;s security mavens Talos <a href=\"https:\/\/blog.talosintelligence.com\/2022\/04\/haskers-gang-zingostealer.html\" rel=\"nofollow\">wrote<\/a> in a threat spotlight this month.<\/p>\n<p>&#8220;The malware uses Telegram chat features to facilitate malware executable build delivery and data exfiltration,&#8221; according to the Talos researchers. In many cases, cyber-criminals use ZingoStealer to deliver additional malware such as RedLine Stealer and XMRig crypto mining malware, they said.<\/p>\n<p>And while anyone can use the information stealer \u2014&nbsp;it is free, after all \u2014 Talos noted its users tend to infect Russian speakers &#8220;under the guise of game cheats, key generators and pirated software, which likely indicates a current focus on home users.&#8221; That is to say, ZingoStealer is dressed up to be a sought-after application that people are tricked into downloading and running; after that, it harvests sensitive info from the PC, such as browser login cookies, cryptocurrency wallet data, and more.<\/p>\n<p>For a very small fee (300 Rubles or about $3.70, for the moment), the Haskers Gang also offers a pre-built option. This one uses their crypter, called ExoCrypt, which essentially builds in antivirus evasion so that would-be cybercriminals don&#8217;t need a third-party builder to package the malware prior to distribution.<\/p>\n<h3 class=\"crosshead\"> <span>Critical RCE in WordPress plugin patched<\/span><br \/>\n<\/h3>\n<p>A critical RCE vulnerability in popular WordPress plugin Elementor has been <a href=\"https:\/\/plugins.trac.wordpress.org\/changeset\/2708766\/elementor\/trunk\/core\/app\/modules\/onboarding\/module.php?old=2688036&amp;old_path=elementor%2Ftrunk%2Fcore%2Fapp%2Fmodules%2Fonboarding%2Fmodule.php\" rel=\"nofollow\">patched<\/a>.&nbsp;<\/p>\n<p>Security researchers at Plugin Vulnerabilities <a href=\"https:\/\/www.pluginvulnerabilities.com\/2022\/04\/12\/5-million-install-wordpress-plugin-elementor-contains-authenticated-remote-code-execution-rce-vulnerability\/\" rel=\"nofollow\">discovered<\/a> the bug in the WordPress website builder, which has more than five million installations.&nbsp;<\/p>\n<p>The bug was introduced in a new on-boarding module that was part of the 3.6.0 version of the plugin, released last month, that was missing some capability checks. This means that it wasn&#8217;t checking the user&#8217;s permission level, and as such could allow any authenticated users to make changes to the website, upload arbitrary files, or even completely take over the site.<\/p>\n<p>It&#8217;s worth noting that Plugin Vulnerabilities said &#8220;it is possible that the vulnerability might be exploitable by someone not logged in to WordPress.&#8221;<\/p>\n<p>WordPress security shop Patchstack, however, <a href=\"https:\/\/patchstack.com\/articles\/critical-vulnerability-fixed-in-elementor-plugin\/\" rel=\"nofollow\">noted<\/a> it is &#8220;still determining if unauthenticated users are able to leak the nonce token as well (and thus are able to exploit the vulnerability).&#8221;<\/p>\n<p>Either way, it&#8217;s safe to say that updating immediately is the best bet. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/04\/18\/in-brief-security\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plus: HP fixes critical Teradici flaws, Karakurt may be a Conti side hustle, and info-stealing malware set free In Brief\u00a0 Microsoft will pay more \u2014\u00a0up to $26,000 more \u2014 for &#8220;high-impact&#8221; bugs in its Office 365 products via its bug bounty program.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-46249","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft ups bug bounties 30% for cloud lines, pays more for &#039;scenario-based&#039; exploits 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft ups bug bounties 30% for cloud lines, pays more for &#039;scenario-based&#039; exploits 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-18T18:12:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft ups bug bounties 30% for cloud lines, pays more for &#8216;scenario-based&#8217; exploits\",\"datePublished\":\"2022-04-18T18:12:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/\"},\"wordCount\":1259,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/\",\"name\":\"Microsoft ups bug bounties 30% for cloud lines, pays more for 'scenario-based' exploits 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-04-18T18:12:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft ups bug bounties 30% for cloud lines, pays more for &#8216;scenario-based&#8217; exploits\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft ups bug bounties 30% for cloud lines, pays more for 'scenario-based' exploits 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft ups bug bounties 30% for cloud lines, pays more for 'scenario-based' exploits 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-04-18T18:12:13+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft ups bug bounties 30% for cloud lines, pays more for &#8216;scenario-based&#8217; exploits","datePublished":"2022-04-18T18:12:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/"},"wordCount":1259,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/","name":"Microsoft ups bug bounties 30% for cloud lines, pays more for 'scenario-based' exploits 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-04-18T18:12:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yl6sBdlNo5e-RIH9VIr@@gAAAJQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-ups-bug-bounties-30-for-cloud-lines-pays-more-for-scenario-based-exploits\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft ups bug bounties 30% for cloud lines, pays more for &#8216;scenario-based&#8217; exploits"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46249","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46249"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46249\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46249"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46249"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46249"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}