Apple Pays $75K to Cybersecurity Researcher On Camera Security Flaw

0 0 Apr 4, 2020 2020-04-04T23:45:00-05:00 Edit this post

Image via Apple  Apple paid $75,000 to a hacker for discovering a security bug in the camera exploits in Safari. The zero-day vulnerabil...

Image via Apple 
Apple paid $75,000 to a hacker for discovering a security bug in the camera exploits in Safari. The zero-day vulnerabilities included the software used to hijack the camera and access it in Safari in both iOS devices and Macs. These flaws are in the software that nobody in the general public knows, except for those who are hacking or exploiting the software secretly.

A cybersecurity researcher named Ryan Pickren reportedly discovered the flaws in Safari after he decided to pillage the browser with obscure corner cases until it started displaying unexpected behaviour. Pickren found 7 exploits in the browser upon the initial report in December 2019. He portrays that the camera exploits in Safari parsed the Uniform Resource Identifiers, managed the web origins and initialised secure contexts. All of these three attributes led Pickren to get access to the Mac or iOS device’s camera by tricking a user to visit an unsecured, malicious website.

Pickren describes the bug in the report:
“A bug like this shows why users should never feel totally confident that their camera is secure," Pickren said, "regardless of operating system or manufacturer.”
He reported the bug to Apple’s Bug Bounty Program in December 2019 and the company validated all of the bugs immediately. Apple then pushed out a bug fix enclosing the camera kill chain a few weeks after the reporting in Safari version 13.0.5. The minor zero-day vulnerabilities are patched in the latest Safari 13.1 update on March 24th.

Apple opened their bug bounty program to security researchers in December 2019, where hackers, researchers and cybersecurity experts can submit bug reports hindering the security and privacy of iOS devices, Macs and other Apple devices to the Cupertino company. The program is invitation-only and reporters can get paid from $200,000 to a million dollars depending on the severity of the security bugs and flaws they report. The Cupertino firm plans to provide all of their trusted cybersecurity researchers and hackers with “dev” iPhones, which are modified iPhones that allow deeper access to the undercover iOS software that will aid the researchers to detect and report security flaws and breaches easily.

Labels:

SHARE:

Twitter Facebook Google Pinterest

COMMENTS

DISQUS
Name

(Product)RED,2,#Accessory,2,#App Store,1,#Apple,2,#Apple Music,3,#Apple Park,4,#Apple Pay,4,#Apple Security,3,#Apple Watch,10,#Battery,5,#Bug,1,#CarPlay,2,#Cydia,1,#Face ID,1,#Facebook,1,#FM,1,#Games,2,#HomeKit,2,#HomePod,14,#HowTo,5,#iMac,2,#iMac Pro,3,#Intel,2,#iOS,2,#iOS 11,5,#iOS 11.3,6,#iOS 11.4,1,#iOS 12,2,#iPad,2,#iPhone,21,#iPhone 8,1,#iPhone SE,3,#iPhone SE 2,9,#iPhone X,11,#iPhone X Plus,3,#Jailbreak,13,#Lawsuit,1,#Mac,3,#Mac Pro,2,#MacBook,5,#macOS,10,#MFi,1,#Microsoft,1,#OnePlus,1,#Original Content,2,#Patent,3,#Samsung,1,#Self-Driving,2,#Siri,4,#Tim Cook,1,#Touch ID,2,#TSMC,1,#TV,2,#Wallpaper,1,#watchOS,2,#WWDC,3,3D Touch,2,4G,1,5G,21,A,1,A11,2,A12,9,A13,3,A14,5,A14. iPhone 2020,1,A16,1,AAPL,18,ABC News,1,Accessibility,1,Accessories,87,Accessory,3,Activity,1,Ad,6,Adobe,4,Ads,3,AI,1,Airbnb,1,AirDrop,1,AirPlay,3,AirPlay 2,2,AirPod,2,AirPod Pro,1,AirPods,51,AirPods 2,5,AirPods 3,6,AirPods Pro,14,AirPods Studio,4,AirPort,4,AirPower,26,AirTag,4,AirTags,9,Amazon,11,AMD,2,Android,19,Antitrust,1,App,46,App Store,36,Apple,1950,Apple Arcade,11,Apple Books,1,Apple Camp,1,Apple Car,3,Apple Card,25,Apple Design Awards,2,Apple Event,34,Apple Events,3,Apple Glasses,3,Apple ID,4,Apple Intelligence,1,Apple Map,2,Apple Maps,11,Apple Music,43,Apple News,3,Apple News+,6,Apple One,3,Apple Park,9,Apple Pay,30,Apple Pay Cash,3,Apple Pencil,7,Apple Retail,12,Apple Security,20,Apple Store,56,Apple TV,36,Apple TV+,33,Apple Wacth,1,Apple Watch,157,Apple Watch 6,7,Apple Watch SE,1,Apple Watch Series 7,1,Apple. Chip,1,AppleCare+,1,Applle,1,Apps,2,AR,16,AR Glasses,13,ARM,18,Bands,4,Battery,33,Beats,11,Beddit,1,Best Buy,1,Beta,31,Bill Gates,1,Black Friday,2,Bloomberg,2,Boot Camp,1,Bose,1,Bug,18,Cable,4,Camera,12,Campis,1,Campus,1,Car,3,CarKey,1,CarPlay,7,Carpool Karaoke,3,Cases,1,CCC,1,CES,4,Charger,5,China,18,Chip,3,Chrome,2,Coding,1,Concept,8,Consumer Reports,1,Coronavirus,45,CPU,1,Credit Card,1,Cydia,1,Dark Sky,2,Deals,8,Developer,7,Dialog,1,Display,2,Dongles,2,Earnings,20,EarPods,1,Economy,2,Edge,1,Education,5,Emoji,11,Environment,8,eSIM,1,EU,3,EU. News,1,Event,7,Events,4,Exploit,1,Face ID,20,Facebook,1,FaceTime,4,FBI,2,FCC,4,featured,12,Final Cut Pro,3,Firefox,1,Fitbit,1,FM,2,Foldable,1,Foldable iPhone,6,Fortnite,4,Forum,1,Foxconn,5,France,2,Galaxy S9,1,Game,3,Games,6,gaming,7,Geekbench,2,Germany,1,Gift,1,Gift Card,1,Google,31,Hack,7,Haptic Touch,2,Headphones,9,Health,32,HomeKit,10,HomePod,45,HowTo,78,Huawei,5,iCloud,13,iFixit,11,iMac,12,iMac Pro,3,iMessage,2,India,13,Intel,15,iOS,141,iOS 10,1,iOS 11,13,iOS 11.3,2,iOS 11.4,2,iOS 12,93,iOS 12.1,3,iOS 12.4,1,iOS 13,72,iOS 13.1,8,iOS 13.1.1,1,iOS 13.1.2,1,iOS 13.1.3,1,iOS 13.2,6,iOS 13.2.2,3,iOS 13.2.3,1,iOS 13.3,12,iOS 13.3.1,6,iOS 13.4,9,iOS 13.4.5,3,iOS 13.5,8,iOS 13.5.5,1,iOS 13.6,4,iOS 13.6.1,1,iOS 13.7,2,iOS 14,48,iOS 14.0.1,1,iOS 14.1,1,iOS 14.2,4,iOS 14.2.1,1,iOS 14.3,2,iOS 14.4,3,iOS 14.4.1,1,iOS 14.5,3,iOS 15,2,iOS 16,1,iOS 16.4,1,iOS 18,1,iOS 9,1,iOS beta,3,iOS11,32,iOS12,2,iPad,97,iPad 8,1,iPad Air,8,iPad Mini,2,iPad Pro,65,iPadOS,17,iPhone,250,iPhone 11,31,iPhone 11 Pro,13,iPhone 11 Pro Max,9,iPhone 12,15,iPhone 12 mini,2,iPhone 12 Pro,6,iPhone 13,3,iPhone 13 Pro,1,iPhone 14 Pro,1,iPhone 16,1,iPhone 20020,1,iPhone 2018,34,iPhone 2019,51,iPhone 2020,97,iPhone 2021,10,iPhone 2022,3,iPhone 2023,1,iPhone 3GS,1,iPhone 8,4,iPhone 8 Plus,1,iPhone 9,11,iPhone OS,1,iPhone SE,3,iPhone SE 2,26,iPhone SE 3,1,iPhone X,89,iPhone X Plus,1,iPhone XE,1,iPhone XR,32,iPhone XS,37,iPhone XS Max,4,iPhone2018,5,iPhones,3,iPhoneSE2,1,iPhoneX,1,iPod,6,iPod touch,8,iTunes,12,iWork,1,Jailbreak,25,Jony Ive,6,KaiOS,1,Keyboard,8,KGI,11,Kuo,40,Laptop,3,Lawsuit,11,LCD,1,Leadership,1,Leak,15,LG,9,Live Radio,1,Logic Pro X,3,Logo,2,Luna Display,1,M1,3,Mac,92,Mac App Store,1,Mac Mini,5,Mac OS 8.1,1,Mac Pro,18,MacBook,53,MacBook Air,21,MacBook Pro,69,macOS,77,macOS 10.14,33,macOS 10.15,38,macOS 10.16,1,macOS 11,12,macOS Big Sur,8,macOS Catalina,14,Magic Keyboard,2,Maps,2,Market,1,Media,1,Micro-LED,1,Microsoft,13,Mini-LED,7,Mother’s Day,1,MR,1,Music,1,Netflix,2,News,754,Newsm,1,NFC,1,Nike,2,Nomad,1,Notch,1,Nvidia,1,Office,1,OLED,7,Original Content,18,OS X,1,P30,1,Pangu,1,Patent,36,Patents,4,PC,2,Pixel,4,Pixel Slate,2,Podcast,3,Powerbeats,10,Privacy,19,Pro Display XDR,4,Project Titan,2,ProRes Raw,1,Qualcomm,12,RAM,3,Refurbished,5,Render,1,Repair,3,Reports,3,Retail,2,Review,2,Roku,1,Rumors,19,Safari,6,Samsung,31,SECURITY,25,Self-Driving,3,Services,6,Shazam,4,Shopping,1,Shortcuts,3,Singapore,1,Siri,22,Smartphones,7,Software,4,Spotify,8,Sprint,2,Steve Jobs,6,Stock,26,Subscription,6,Supply Chain,1,Support,27,Swift,1,T-Mobile,3,Tablet,1,TANT,2,TeamViewer,1,Technology,1,Tesla,2,TestFlight,1,Texture,2,TikTok,2,Tim Cook,39,Touch Bar,2,Touch ID,7,Tracker,2,Trade-In,1,Trump,6,TSMC,13,TV,4,TV+,2,tvOS,43,tvOS 12,23,tvOS 13,36,tvOS 13.2,1,tvOS 14,19,tvOS12,2,Twitter,2,UK,1,US,1,USB-C,3,VBucks,1,Verizon,1,Verzion,1,Video,1,VirnetX,1,Vision Pro,1,VR,4,Wallpaper,17,watchOS,53,watchOS 5,25,watchOS 6,39,watchOS 7,27,watchOS 8,1,Webcam,1,WiFi,1,Windows,4,Wireless Charging,16,WWDC,35,Xcode,3,Xiaomi,1,YouTube,3,
ltr
item
Loveios: Apple Pays $75K to Cybersecurity Researcher On Camera Security Flaw
Apple Pays $75K to Cybersecurity Researcher On Camera Security Flaw
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv2ZWgiFyMut3krz7XNAuyvg831iicItk0qwZ2TTCrl5oDJCjO_41WG-yEAGEjrZn9UbP-jfORvBYM0Am1_r84QZQuxBErNTMSenZ_q1FpstGlJeXL4S4-y_jt0_8eyrjtpTVRZyCatlI/s1600/12B7E050-E99B-4CA5-AC9F-7BBBE92ABC4D.png
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv2ZWgiFyMut3krz7XNAuyvg831iicItk0qwZ2TTCrl5oDJCjO_41WG-yEAGEjrZn9UbP-jfORvBYM0Am1_r84QZQuxBErNTMSenZ_q1FpstGlJeXL4S4-y_jt0_8eyrjtpTVRZyCatlI/s72-c/12B7E050-E99B-4CA5-AC9F-7BBBE92ABC4D.png
Loveios
https://www.loveios.net/2020/04/apple-pays-75k-to-cybersecurity.html
https://www.loveios.net/
https://www.loveios.net/
https://www.loveios.net/2020/04/apple-pays-75k-to-cybersecurity.html
true
1784436446950495761
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content