Risk & Repeat: Apple bug bounty frustrations boil over

Security researchers criticized the Apple Security Bounty program and claimed the company ignored bug reports, denied bounty payments and silently patched vulnerabilities.

This week’s Risk & Repeat podcast discusses the infosec community’s growing discontent with Apple’s bug bounty program and what it could mean for the technology giant.

Several security researchers have recently criticized the Apple Security Bounty (ASB) program, accusing the company of ignoring vulnerability reports, silently patching bugs, denying bounty payments and credit, and other transgressions. Some bug hunters have publicly declared they will no longer engage with the ASB program, and others said they will look to sell their vulnerability discoveries to third parties, such as zero-day exploit brokers.

What are the root causes of Apple’s bug bounty woes? Will frustrations with Apple lead to critical exploits landing in the hands of spyware vendors and nation-state hacking groups? What does the company need to do to fix the situation? SearchSecurity editors Rob Wright and Alex Culafi discuss those questions and more in this episode.
