Zerodium has jacked up its offering price for Microsoft Outlook zero-day exploits.
Act fast if you have the goods and the moral equanimity, to make up to $400,000 for a zero-click, remote code-execution (RCE) exploit. “Zero-click” means that targets neither have to read a malicious email message nor open a rigged attachment.
Zerodium said that it might still want to purchase those type of exploits, too – just for a lower price. According to a post from Zerodium, runner of high-end, high-dollar, third-party bug-bounty programs, the price spike is only temporary, with the end date still to be determined.
The deal came on the same day that Trustwave SpiderLabs published a new way to bypass Outlook security to deliver malicious links to victims.
Read More: https://threatpost.com/zerodium-payout-outlook-zero-days/178089/