Security News > 2020 > April > Apple Awards Researcher $75,000 for Camera Hacking Vulnerabilities
A white hat hacker says he has earned $75,000 from Apple for reporting several Safari vulnerabilities that can be exploited to hijack the camera and microphone of devices running iOS or macOS. Researcher Ryan Pickren identified a total of seven vulnerabilities in Apple's Safari web browser, three of which can be exploited to spy on users through the camera and microphone of their iPhone, iPad or Mac computer.
Apple patched the vulnerabilities that allow hackers to spy on users in January, while the other flaws were fixed in March.
"Put simply - the bug tricked Apple into thinking a malicious website was actually a trusted one. It did this by exploiting a series of flaws in how Safari was parsing URIs, managing web origins, and initializing secure contexts," the researcher explained in a blog post summarizing his findings.
This is not the first time Apple has patched vulnerabilities that can be exploited to spy on users.
Last year, the company fixed a vulnerability in FaceTime that could have given hackers access to a device's camera and microphone.
News URL
Related news
- Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- Apple creates Private Cloud Compute VM to let researchers find bugs (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Researchers Uncover Vulnerabilities in Open-Source AI and ML Models (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)