Getty Images/iStockphoto

News

Risk & Repeat: Apple bug bounty frustrations boil over

By

Rob Wright, Senior News Director

Listen to this podcast

Security researchers criticized the Apple Security Bounty program and claimed the company ignored bug reports, denied bounty payments and silently patched vulnerabilities.

Podcast

This week's Risk & Repeat podcast discusses the infosec community's growing discontent with Apple's bug bounty program and what it could mean for the technology giant.

Several security researchers have recently criticized the Apple Security Bounty (ASB) program, accusing the company of ignoring vulnerability reports, silently patching bugs, denying bounty payments and credit, and other transgressions. Some bug hunters have publicly declared they will no longer engage with the ASB program, and others said they will look to sell their vulnerability discoveries to third parties, such as zero-day exploit brokers.

What are the root causes of Apple's bug bounty woes? Will frustrations with Apple lead to critical exploits landing in the hands of spyware vendors and nation-state hacking groups? What does the company need to do to fix the situation? SearchSecurity editors Rob Wright and Alex Culafi discuss those questions and more in this episode.

Search Networking

5 principles of change management in networking
Network change management includes five principles, including risk analysis and peer review. These best practices can help ...
A guide to Li-Fi technology
Li-Fi is an emerging wireless technology that uses visible light to transmit data instead of radio frequencies. Though still ...
AI skills for network professionals
Networking professionals must develop basic networking skills and AI to thrive in a complex landscape. Learn how AI's integration...

Search CIO

Google breakup likely off the table under Trump
Donald Trump might not want to break up Google, but history suggests he won't slow antitrust enforcement efforts against bad ...
Trump's Department of Government Efficiency will face issues
Big political and bureaucratic obstacles await Elon Musk and Vivek Ramaswamy, who will lead the department with the goal of ...
How to run a successful IT pilot program
IT pilot programs are a crucial yet frequently overlooked step in internal tech procurement. Learn how to maximize these programs...

Search Enterprise Desktop

How to create a custom Windows 11 ISO file
With a custom Windows 11 ISO file, IT departments can streamline deployment and apply new version of Windows to repair OS ...
How to make the most of Windows Autopatch with Intune
IT administrators can use Intune to manage numerous settings related to Windows OSes and business apps. The Windows Autopatch ...
How to perform a Windows 11 ISO file install
The days of IT departments manually provisioning Windows OSes and company settings onto each PC are long gone, but IT staff still...

Cloud Computing

How to build a business case for cloud migration
Successful cloud migrations start with a solid business plan that details the costs, benefits, risks and challenges to key ...
Managed identity vs. service principal for Azure apps
Managed identities automate identity management for Azure-native applications, while service principals are ideal for external ...
Top cloud migration service providers and how to choose one
Tools, services and pricing vary widely, and often, the options are platform-specific. Here's a rundown of seven representative ...

ComputerWeekly.com

RealWear looks to reshape industrial AR with Almer acquisition
In what is said to mark a pivotal moment in a key part of the spatial computing sector and boost frontline worker productivity, ...
IT leaders raise concerns over IT security overspend
How many IT security products does it take to secure a business? Too many, according to some IT decision-makers
CBRE: Spare datacentre capacity levels to hit all-time low across Europe by end of 2024
Real estate consultancy CBRE has lifted the lid on how growing demand for datacentre capacity, coupled with shortages of land and...

Close