MUST READ

U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog

 | 

Asahi halts ordering, shipping, and customer service after cyberattack

 | 

Scattered Spider, ShinyHunters Restructure - New Attacks Underway 

 | 

UK grants £1.5B loan to Jaguar Land Rover after cyberattack

 | 

Harrods alerts customers to new data breach linked to third-party provider

 | 

Akira Ransomware bypasses MFA on SonicWall VPNs

 | 

Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks

 | 

Dutch teens arrested for spying on behalf of pro-Russian hackers

 | 

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Apple will pay up to $200,000 in Bug Bounty Program

Pierluigi Paganini August 05, 2016

Apple has chosen the Black Hat 2016 security conference to announce the launch of its bug bounty program, hackers can earn up to $200,000 for a flaw.

Great news for bug hunters, finally Apple announced that it will pay hackers that will find bugs in its products. Apple is the last IT giant to launch its bug bounty program. Major IT firm, including Facebook, Google, and Microsoft have already launched a similar initiative over last years to reward with a great success.

Apple has chosen the Black Hat 2016 security conference to announce the launch of the bug bounty program. The announcement was made by Ivan Krstić, head of security engineering and architecture at Apple that confirmed the invite to the hacking community to ethically report security vulnerabilities under the bug bounty program.

Apple botnet

How much is a vulnerability in Apple product?

The awards are very interesting, bug hunters can earn up to $200,000 for a critical vulnerability affecting the secure boot firmware components, up to $100,000 for a flaw that could be exploit to extract sensitive data protected by the Secure Enclave, up to $50,000 for arbitrary code execution with kernel privileges and unauthorized access to iCloud account data, and up to $25,000 for access from a sandboxed process to user data outside the sandbox.

Apple’s bug bounty program will be launched in September, the IT giant will accept a submission only if it will include a working proof-of-concept (PoC).

But I appreciated also another opportunity that Apple will give to the hackers, if they will donate the reward to a charity, Apple could match the amount.

The bad news is that the bug bounty program will be open only to groups of researchers invited by Apple. The company intends to invite only a limited number of security experts who have previously ethically reported bugs to Apple, but the IT giant will slowly expand its bug bounty program.

In a first phase, the program will be focused on vulnerabilities in iOS and iCloud products.

The experts speculate that the decision of launching a bug bounty program is the response of the company to the battle with the FBI for the case of the San Bernardino shooter’s iPhone.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Apple bug bounty program, Hacking)

Apple bug bounty program ethical hacking Hacking iCloud iPhone

you might also like

Pierluigi Paganini September 30, 2025
U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog
Read more
Pierluigi Paganini September 30, 2025
Asahi halts ordering, shipping, and customer service after cyberattack
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog

Security / September 30, 2025

Asahi halts ordering, shipping, and customer service after cyberattack

Security / September 30, 2025

Scattered Spider, ShinyHunters Restructure - New Attacks Underway 

Cyber Crime / September 30, 2025

UK grants £1.5B loan to Jaguar Land Rover after cyberattack

Security / September 29, 2025

Harrods alerts customers to new data breach linked to third-party provider

Data Breach / September 29, 2025