San Francisco: Apple has paid $75,000 to a hacker for figuring out a number of zero-day vulnerabilities in its software programme, a few of which could possibly be used to hijack the digital camera on a MacBook or an iPhone.
Former Amazon Web Services security engineer Ryan Pickren reportedly discovered seven zero-day vulnerabilities in Safari after he decided to “hammer the browser with obscure corner cases” until it started showing weird behavior, Forbes reported on Friday.
Pickren reported his research fully via the Apple Bug Bounty Programme in mid-December 2019.
“My research uncovered seven bugs,” Pickren said.
Apple fixed three of the security flaws the ones that allowed for camera hijacking in the January 28 Safari 13.0.5 update. The four remaining flaws were not fixed until the Safari 13.1 release on March 24.
“I really enjoyed working with the Apple product security team when reporting these issues, the new bounty programme is absolutely going to help secure products and protect customers. I’m really excited that Apple embraced the help of the security research community,” the report quoted Pickren as saying.