Zero-Day Hunters Offer $500K For iOS Bugs

...

Days after Apple launched its first bug bounty program, zero-day hunters Exodus Intelligence upped the ante.

Apple will pay hackers up to $200,000 to identify vulnerabilities in its products. Exodus, meanwhile, is offering up to $500,000.

Cybersecurity researchers are invited to participate in the new Research Sponsorship Program (RSP), which awards bounties for both zero-day flaws and exploits against patched (n-day) vulnerabilities. Currently, iOS 9.3+ flaws are going for a max of $500,000, while Google Chrome and Microsoft Edge bugs could earn you up to $150,000 or $125,000, respectively.

Found Firefox vulnerabilities can net you up to $80,000, Windows 10 up to $75,000, and Adobe Reader and Flash up to $60,000 each. The firm is also offering a bonus structure for zero-day vulnerabilities, which adds to the initial payment for every quarter the exploit remains alive.

"Through the launch of the RSP, Exodus is excited to be engaging the global research community in our mission to provide the highest quality of vulnerability intelligence in the industry," company president Logan Brown said in a statement.

Registered users can view zero-day and n-day hit lists on the new RSP website.

Apple did not immediately respond to a request for comment.

The tech titan—a long-time holdout in the bug bounty arena—announced its new program during last week's Black Hat event in Las Vegas. Compensation ranges from $25,000 for a sandbox break to $200,000 for a secure boot hardware exploit. The program covers five issues, all on iOS or iCloud.

Historically, Apple shied away from bug bounties, citing high bids from the government and black markets. And while $200,000 (or even $500,000) is a good payday, it's pennies compared to the upwards of $1 million third parties like Zerodium have paid security researchers to uncover Apple vulnerabilities.

In June, Cupertino moved to an unencrypted kernel in iOS 10, allowing enthusiasts and security researchers to look inside, while also increasing device security.

Categories
GAMES
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Cheaper than security systems, Stack’s light bulbs now monitor your home

    Referred to as Stack’s Home Awareness service, the feature plans to integrate seamlessly into the company’s existing product line — such as its Stack Classic bulbs and Stack Downlight.With Home Awareness, owners of either of Stack’s lighting options can rest assured that their light bulbs are keeping a keen watch on their household throughout the day.
  • 5300c769af79e

    NexMusic + v3.6.0.0.1 Apk | .Com

    The must have player for android!NexMusic + packs the most minimal UI based on the Google material guidelinesif you dont like it, no problem you can change every single thing!
  • 5300c769af79e

    Redefining the Vendor-Customer Relationship in the IoT

    In 2015, it acquired Coldlight to strengthen its IoT analytics, and Vuforia to add augmented reality technologies to its portfolio.These moves have put PTC in the middle of the IoT market and changed the nature of its customer relationships in many ways.
  • 5300c769af79e

    Monster Hunter Generations (for Nintendo 3DS)

    Compare Similar ProductsCompare Monster Hunter 4 Ultimate (for Nintendo 3DS) %displayPrice% Pokemon X (for Nintendo 3DS) %displayPrice% Animal Crossing: New Leaf (for Nintendo 3DS) %displayPrice% Hyrule Warriors Legends (for Nintendo 3DS) %displayPrice% Mario & Luigi: Dream Team (for Nintendo 3DS) %displayPrice% The Tools of a HunterThe biggest changes that Generation introduces are hunting arts and hunting styles.The Monster Hunter series segregates its hunting missions based on rank, so high-level hunts are generally tougher then low ones and introduce new monsters.