Zerodium Spikes Payout for Zero-Click Outlook Zero-Days

Zerodium Spikes Payout for Zero-Click Outlook Zero-Days-01

Zerodium has jacked up its offering price for Microsoft Outlook zero-day exploits.

Act fast if you have the goods and the moral equanimity, to make up to $400,000 for a zero-click, remote code-execution (RCE) exploit. “Zero-click” means that targets neither have to read a malicious email message nor open a rigged attachment.

Zerodium said that it might still want to purchase those type of exploits, too – just for a lower price. According to a post from Zerodium, runner of high-end, high-dollar, third-party bug-bounty programs, the price spike is only temporary, with the end date still to be determined.

The deal came on the same day that Trustwave SpiderLabs published a new way to bypass Outlook security to deliver malicious links to victims.

Read More: https://threatpost.com/zerodium-payout-outlook-zero-days/178089/