Apple announced a new, more diverse level of security bug detection bonus
As planned, Apple has just announced a new security bug bounty program, bringing up to $ 1 million or more for any security expert who can find vulnerabilities. large, serious appearances in the operating system as well as products of the software ecosystem of the company.
Apple's security bug bounty reward program, first announced in 2016, only applies to security researchers who receive iOS invitations and vulnerabilities. However, within the framework of the Black Hat global cybersecurity conference held in August, Apple disabled the program to expand this program, including more platforms of the Apple ecosystem such as iCloud, iPadOS, macOS, tvOS, watchOS, and especially unlimited number of participants. Of course, in order to receive the bounty, researchers must submit a detailed description of the flaw, including how they found it, how dangerous it is, and what to do to deal with it. .
The highest rewards will be in cases of discovering multi-platform vulnerabilities (affecting multiple Apple platforms at the same time), especially if this vulnerability has a negative impact on devices and parts. New soft launch of Apple. In case of finding a vulnerability in the beta version, the researcher will receive an additional 50% of the standard reward. A few bonus levels have been specified, including:
- $ 25,000 to $ 100,000 for data extraction vulnerabilities and bypassing the device's lock screen.
- $ 25,000 to $ 100,000 for vulnerabilities that allow unauthorized iCloud access.
- $ 100,000 to $ 250,000 for a vulnerability that allows sensitive data to be extracted from a locked device
- $ 1 million for vulnerabilities that allow an attacker to remotely control the device.
- $ 1 million for security could lead to a full-chain kernel code execution attack.
As such, the highest reward will be for zero-click vulnerabilities, allowing an attacker to hijack the device without the owner knowing it. However, to receive the bonus, you must send the full mining chain along with detailed reports to Apple.
Scaling up the security bug-finding program to receive bonuses is a necessary move, showing Apple's interest in contributions from outside resources, from product quality and user experience. will also be greatly improved.
You should read it
- Hack SIM: Things to know and how to avoid
- Demonstration of technology of ATM hack
- Hackers claim how good it is to hack Mark Zuckerberg's Facebook account?
- How to hack WiFi passwords with holes on WPA / WPA2
- 4 ways to hack Facebook you should know to protect your Facebook account
- The corner of getting rich: A company hung a $ 1 million prize for anyone who hacked WhatsApp and iMessage
- The latest iOS 11 has been hacked !!!
- Discover new ways to hack WPA3 protected WiFi passwords
May be interested
- Google announced three new Chrome security featureson sunday, google announced three new security features for chrome that help the browser detect and prevent infringing extensions.
- Detecting a serious security vulnerability on macOS, this 18-year-old youth refused to disclose it because Apple did not pay the bonuslinus henze, an 18-year-old german, recently claimed to have discovered a serious security flaw on macos that could expose the machine's storage passwords to malicious applications.
- iOS 14 has a nice 'reveal password detection' featurethe ios operating system is equipped with a lot of advanced security features by apple, helping to ensure user privacy, including the very good feature of 'reveal password'.
- Instructions for setting up an Apple ID security keyfrom ios 16.3 onwards, apple has set up a physical security key to enhance the security of users' apple id accounts.
- Interesting implication behind Google's $ 3133.7 bonus for Vietnamese hackersrecently, ngoc chanh with the nickname killer with a vietnamese hacker was honored by google at the hall of fame, a ranking of experts who have contributed greatly in finding and uncovering security gaps of the technology giant. .
- The program 'find money exchange errors' on Facebook, the maximum prize up to 40 thousand USDany security researcher can join the program and when he finds a security vulnerability that allows hackers to take account, access in facebook-owned products and services like instagram, whatsapp and oculus will be rewarded.
- Extremely sophisticated 17th-century locking system makes us 'admire admiringly'when you see how the lock system has been operating for more than 300 years, you will have to be surprised about its level of sophistication.
- Hackers can bypass the Face ID face with just a pair of black adhesive tapeaccording to experts, this method can fool face id by making this security tool think users are opening their eyes.
- Sony is about to introduce face detection technology with a new laser sensor, far beyond Apple's Face IDsony is developing a new laser facial recognition technology that promises greater accuracy than face id. this new technology will be integrated into smartphones by the end of 2019 to enhance the security of the device.
- Gun shot without puncturing Apple Card, new credit card from Appleapple card is apple's new credit card, advertised by the company that it is globally usable, requires no fees, low interest rates, and offers more bonus forms.