Apple announced a new, more diverse level of security bug detection bonus
As planned, Apple has just announced a new security bug bounty program, bringing up to $ 1 million or more for any security expert who can find vulnerabilities. large, serious appearances in the operating system as well as products of the software ecosystem of the company.
Apple's security bug bounty reward program, first announced in 2016, only applies to security researchers who receive iOS invitations and vulnerabilities. However, within the framework of the Black Hat global cybersecurity conference held in August, Apple disabled the program to expand this program, including more platforms of the Apple ecosystem such as iCloud, iPadOS, macOS, tvOS, watchOS, and especially unlimited number of participants. Of course, in order to receive the bounty, researchers must submit a detailed description of the flaw, including how they found it, how dangerous it is, and what to do to deal with it. .
The highest rewards will be in cases of discovering multi-platform vulnerabilities (affecting multiple Apple platforms at the same time), especially if this vulnerability has a negative impact on devices and parts. New soft launch of Apple. In case of finding a vulnerability in the beta version, the researcher will receive an additional 50% of the standard reward. A few bonus levels have been specified, including:
- $ 25,000 to $ 100,000 for data extraction vulnerabilities and bypassing the device's lock screen.
- $ 25,000 to $ 100,000 for vulnerabilities that allow unauthorized iCloud access.
- $ 100,000 to $ 250,000 for a vulnerability that allows sensitive data to be extracted from a locked device
- $ 1 million for vulnerabilities that allow an attacker to remotely control the device.
- $ 1 million for security could lead to a full-chain kernel code execution attack.
As such, the highest reward will be for zero-click vulnerabilities, allowing an attacker to hijack the device without the owner knowing it. However, to receive the bonus, you must send the full mining chain along with detailed reports to Apple.
Scaling up the security bug-finding program to receive bonuses is a necessary move, showing Apple's interest in contributions from outside resources, from product quality and user experience. will also be greatly improved.
You should read it
- Apple expanded the size of the security bug detection program to receive bonuses, including macOS, a maximum bonus of $ 1 million
- Top 28 Android tools and apps you should know (Part 1)
- Hack SIM: Things to know and how to avoid
- Demonstration of technology of ATM hack
- Hackers claim how good it is to hack Mark Zuckerberg's Facebook account?
- How to hack WiFi passwords with holes on WPA / WPA2
- 4 ways to hack Facebook you should know to protect your Facebook account
- The corner of getting rich: A company hung a $ 1 million prize for anyone who hacked WhatsApp and iMessage
- The latest iOS 11 has been hacked !!!
- Discover new ways to hack WPA3 protected WiFi passwords
- Japan urges white-hat hackers to hack insecure IoT devices ahead of the 2020 Olympics
- Face some new hacking techniques related to Bluetooth technology