Zero-day broker: Stop sending us Apple bugs, we have enough already
A company that pays hackers to submit serious security vulnerabilities says it’s made aware of so many flaws in various Apple operating systems that it will temporarily stop acquiring new attack techniques. In a tweet Wednesday, Zerodium said it will stop accepting Apple iOS bugs that lead to “local privilege escalation,” which attackers use to dig deeper into an infected device, remote code execution bugs in the the company’s Safari web browser, or “sandbox escape” tools, which enable attackers to move from an app to other areas of a device. We will NOT be acquiring any new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to a high number of submissions related to these vectors. Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future. — Zerodium (@Zerodium) May 13, 2020 In a follow-up tweet, […]
The post Zero-day broker: Stop sending us Apple bugs, we have enough already appeared first on CyberScoop.
Continue reading Zero-day broker: Stop sending us Apple bugs, we have enough already