Apple Pays Bug Bounty to Enterprise Network Researchers


So far, the company has doled out $288,000 to five researchers who, in three months, found 55 vulnerabilities in its corporate infrastructure.

Apple has so far paid $288,000 to white-hat hackers who discovered 55 vulnerabilities in the company’s enterprise infrastructure. The team of five researchers, led by 20-year-old Sam Curry, probed Apple’s network from July to October and found what they described as 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity vulnerabilities.

The researchers looked at a huge number of servers, as Curry wrote in a blog post describing the project: “They own the entire 17.0.0.0/8 IP range, which includes 25,000 web servers with 10,000 of them under apple.com, another 7,000 unique domains, and to top it all off, their own TLD (dot apple).”

Vulnerabilities found include authentication and authorization bypass, cross-site scripting, command injection, and exposed secret keys. According to the researchers, Apple promptly patched or remediated all discovered vulnerabilities.

Apple is still processing the discoveries through its bug-bounty program. If all are accepted, the payout to the researchers could total more than $500,000.


Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article.
