Researcher Says Apple Ignored Three Zero-Day Security Vulnerabilities Still Present in iOS 15

In 2019, Apple opened its Security Bounty Program to the public, offering payouts up to $1 million to researchers who share critical iOS, iPadOS, macOS, tvOS, or watchOS security vulnerabilities with Apple, including the techniques used to exploit them. The program is designed to help Apple keep its software platforms as safe as possible. In […]

Read More

Apple’s iOS 14.8 Update Fixes Zero-Click Exploit Used to Distribute Pegasus Spyware

Today’s iOS 14.8 update addresses a critical vulnerability that Apple engineers have been working around the clock to fix, reports The New York Times. Last week, The Citizen Lab informed Apple about a new zero-click iMessage exploit targeting Apple’s image rendering library. Called FORCEDENTRY, the exploit could infect an iPhone, iPad, Apple Watch, or Mac […]

Read More

Security Researchers Unhappy With Apple’s Bug Bounty Program

Apple offers a bug bounty program that’s designed to pay security researchers for discovering and reporting critical bugs in Apple operating systems, but researchers are not happy with how it operates or Apple’s payouts in comparison to other major tech companies, reports The Washington Post. In interviews with more than two dozen security researchers, The […]

Read More

Apple Updates Platform Security Guide, Says Kernel Extensions Won’t Be Supported on Future Apple Silicon Macs

Apple today shared an updated version of its Platform Security Guide [PDF], providing a comprehensive overview of the latest security advancements across iOS 14, iPadOS 14, macOS Big Sur, tvOS 14, watchOS 7, and more. For example, the guide provides security details about Safari’s optional Password Monitoring feature on iOS 14 and macOS Big Sur, […]

Read More

Hackers Discover 55 Apple Vulnerabilities, Awarded Over $50,000 in Bounties

A group of hackers has been awarded over $50,000 by Apple for discovering 55 vulnerabilities in the company’s systems. Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes spent three months hacking Apple platforms and services to discover a range of weaknesses. The 55 vulnerabilities the team discovered were of varying severity, with […]

Read More

Apple Says Recently Discovered iOS Mail Vulnerabilities Pose No Immediate Threat, But a Patch Is in the Works

Apple has responded to a recent report on vulnerabilities discovered in its iOS Mail app, claiming the issues do not pose an immediate risk to users. Earlier this week, San Francisco-based cybersecurity company ZecOps said it had uncovered two zero-day security vulnerabilities affecting Apple’s stock Mail app for iPhones and iPads. One of the vulnerabilities […]

Read More

Apple Joins the FIDO Alliance to Help Develop and Promote Authentication Standards

Apple has joined the Fast Identity Online (FIDO) Alliance, an open industry association whose mission is to develop and promote stronger authentication standards and help reduce the world’s over-reliance on passwords.Apple joins existing members Amazon, Facebook, Microsoft, Samsung and others in a common goal to secure online connections and support the adoption of the U2F […]

Read More

Apple Officially Launches Public Bug Bounty Program Covering All Apple Software

Apple today officially opened its bug bounty program to all security researchers, after the company announced the expansion plan at the Black Hat conference in Las Vegas earlier this year. Prior to now, Apple’s bug bounty program was invitation-based and non-iOS devices were not included. As reported by ZDNet, from today any security researcher who […]

Read More