Hacker earns $75k for finding 3 critical vulnerabilities in Apple Safari Browser


    Apple Inc has once again proved that it keeps its word when it comes to rewarding white hat hackers who find security flaws in its products. As recently it rewarded a hacker with $75,000 for finding seven flaws in Apple’s Safari Browser- out of which 3 were supposed to be critical.


    Ryan Pickren is the name of the hacker who received the reward of $75k for finding flaws in its Safari browser which could leak to the hack of the target’s iPhone Camera.


    Technically called ‘Zero Day’ Vulnerabilities, it allows threat actors to take control of a camera and microphone if in case they start exploiting the susceptibilities.

    Details are out now that Pickren found these security flaws in Dec’19 and alerted Apple Inc on an immediate note. And after verifying the facts, the tech giant released a fix to almost 5 security vulnerabilities in January 2020 through its 13.0.5 update to its Safari browser. The other two browser updates came in March through 13.1 fixing the critical flaws.


    It is a known fact that all tech companies like Microsoft, Apple Inc, Google, and Amazon offer a bug bounty program where they reward hackers for finding flaws in their respective products and services. Amazon does it with charm by offering great rewards to those who find faults in its cloud infrastructure and so does Apple and Microsoft to a certain extent when it comes to shelling out the reward money


    Google just rewards those who alert it about the extreme critical flaws, while it just appreciates those who come up with security alerts.


    Note- Apple Inc is spending $200 million to help the non-profitable organization to tackle with COVID 19 epidemic. And Google has given a $250 million Ad grant to help the World Health Organization WHO provide critical information on how to stop the spread of Corona Virus spread. Remember the same Sundar Pichai led company used to spend just $11 million till Feb this year on the same scenario.

    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display