The top award for flaws that allow cybercriminals to abuse legitimate services has increased by 166 percent. Product abuse is when a threat actor uses a legitimate service in a way that enables social-engineering or other cyberattacks. Google has so far identified more than 750 previously unknown product abuse risks through the bug-bounty program. The highest reward in the product-abuse program has now increased from $5,000 to $13,337 per report. The increased reward levels will soon be followed by an expansion in Google s Vulnerability Research Grants.
Source: https://threatpost.com/google-product-abuse-bug-bounties/158940/