Total Tests:
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

Apple cyber vulnerabilities

Security Buyer
Friday, October 9, 2020

A hacker team led by a 20-year-old researcher has found 55 vulnerabilities, 11 of them critical, in Apple’s corporate network. Apple promptly fixed the vulnerabilities after they were reported over a three-month span, often within hours of initial advisory. The company has so far processed about half of the vulnerabilities and committed to paying $288,500 for them. Once Apple processes the remainder, the total pay out might surpass $500,000.

Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, Master of Legal Studies (WASHU) & MS Criminal Justice and Cybercrime Investigation (BU), comments:

“Unfortunately, there is no warranty that these vulnerabilities have not been exploited by sophisticated threat actors to silently compromise VIP victims. Worse, likely more similar vulnerabilities exist undiscovered and may be known to hacking groups that make a lot of money by their exploitation. Modern web applications open the door to corporate networks with the most critical information, and their breach can be fatal for a company.

This is an alarming reminder that even the largest tech companies considerably underestimate their web application security. Most organizations merely invest into some automated scanning tools and recurrent penetration testing but without implementing a comprehensive application security program. Such program shall include regular secure coding trainings for software developers, introduce security controls aimed to detect vulnerabilities at the early stage of development – the so-called shift left approach, and provide strict security guidelines for software developed by third-parties. Finally, modern software shall incorporate privacy by design to enable seamless compliance with regulations like CCPA or GDRP.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential