Apple pays researcher $100,000 for reporting a new security bug
A developer earns a bug bounty reward for reporting a Sign in with Apple zero-day vulnerability that could allow a hacker to access users’ online accounts. When the “Sign in with Apple” service debuted in June 2019, it was praised for being a highly private way to authenticate with websites and applications. According to the company’s announcement made at last year’s Worldwide Developers Conference (WWDC) event, it was supposed to become a decent alternative to long-standing counterparts backed by Google and Facebook.
New jailbreak for iOS 13.5 is out
Ethical hackers have released an advanced jailbreak tool that exploits a zero-day vulnerability to support the latest iOS 13.5 version. A crew of hackers collectively calling themselves Unc0ver have masterminded a tool allowing users to jailbreak iOS 11 and later, including iOS 13.5 that went live just last week. The utility circumvents the security and software limitations built into iDevices.
iPadOS and iOS 13.5 released that patches vulnerabilities affecting the Mail app
Apple is rolling out a major update to iOS and iPadOS that addresses serious security flaws and brings several interesting features under the hood. The release of the new iPadOS and iOS 13.5 officially went live on May 20, 2020, and the update is currently underway globally. In addition to the usual bug fixes, stability tweaks, and performance improvements, it has a tangible focus on users’ health through the Exposure Notification API.
Apple is the most mimicked brand in phishing scams
According to recent findings of security analysts, Apple customers are in the epicenter of brand-based phishing attacks in Q1 2020. If you own a Mac computer or an iOS device, numerous perks are at your fingertips. The only major caveat is that you are more likely to encounter brand-related phishing hoaxes compared to customers of any other popular technology company. In case you find this statement far-fetched, the Q1 2020 Brand Phishing Report by Check Point cybersecurity firm will prove you wrong.
No chance for snoops: new iPad Pro disables the microphone when not in use
iPad models released in 2020 come with a hardware microphone disconnect feature that prevents eavesdropping when the device’s case is closed. Apple previously equipped their recent MacBook models with a security feature that intelligently switches off the microphone when the lid is closed. Now it’s turn for iPad devices to get a similar functionality off the shelf. The extra protection against snooping starts to go live in the 2020 iPad Pro. Instead of closing the lid, which is obviously not the case with the mobile devices in question, the mic cut-off feature is triggered when the user closes the case.
Apple paid white hat hacker $75,000 for unearthing zero-days
A bug bounty program is an amazingly effective way for software makers and device manufacturers to explore weaknesses in what they create. Apple joined the club in December 2019 by encouraging everyone, not only invited researchers, to put their products to the test. The first results of this move have been quick to arrive as a security analyst found a way to exploit Safari vulnerabilities and access the camera on iOS and macOS devices.