Thursday, 8 October 2020

Hackers Discover 55 Apple Vulnerabilities, Awarded Over $50,000 in Bounties

A group of hackers has been awarded over $50,000 by Apple for discovering 55 vulnerabilities in the company's systems.



Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes spent three months hacking Apple platforms and services to discover a range of weaknesses. The 55 vulnerabilities the team discovered were of varying severity, with some being critical.

During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources.


Apple apparently was swift to address the majority of the vulnerabilities, with some being resolved in as little as a few hours.

Overall, Apple was very responsive to our reports. The turn around for our more critical reports was only four hours between time of submission and time of remediation.


As part of Apple's Security Bounty Program, the group was able to receive considerable payments for some of their work. As of Sunday, October 4, they had received four payments totaling $51,500. This included $5,000 for disclosing the full name of ‌iCloud‌ users, $6,000 for finding IDOR vulnerabilities, $6,500 for access to internal corporate environments, and $34,000 for discovering system memory leaks containing customer data.

Since no-one really knew much about their bug bounty program, we were pretty much going into unchartered territory with such a large time investment. Apple has had an interesting history working with security researchers, but it appears that their vulnerability disclosure program is a massive step in the right direction to working with hackers in securing assets and allowing those interested to find and report vulnerabilities.


Apple has been actively investing in its bug bounty program since last year. Security researchers can now receive up to one million dollars per vulnerability depending on the nature and severity of the security flaw.

With the permission of Apple's security team, the group has published an extensive report which details a range of vulnerabilities and methods of locating and exploiting weaknesses. They also hinted that additional bounties may be on the way.
Tags: Apple security, hack, bug bounty

This article, "Hackers Discover 55 Apple Vulnerabilities, Awarded Over $50,000 in Bounties" first appeared on MacRumors.com

Discuss this article in our forums



from MacRumors: Mac News and Rumors - All Stories https://ift.tt/2Ib66gP
at No comments:
Labels:

What To Do Before Getting Rid Of Your Xbox One Or PS4

A little more than a month from now, next-gen consoles will be out in the wild. At this point, you might be regarding your PlayStation 4 or Xbox One as a slowly degrading plastic box that’s doomed to waste space and collect dust. You might have even considered [gasp] getting rid of them.

Read more...



from Gizmodo https://ift.tt/3nqcQHR
at No comments:
Labels:

Adobe Launches Premiere and Photoshop Elements 2021

Adobe today released new versions of Photoshop Elements and Premiere Elements, the company's affordable photo and video editing software aimed at more casual users who want to improve their photos and videos with easy to use editing tools.


For Photoshop Elements 2021, Adobe is introducing a "Moving Photos" feature that adds a bit of motion to still images, similar to Apple's Live Photos feature. You can use Moving Photos to create animated GIFs with 2D and 3D camera motion, with the feature powered by Adobe Sensei.

Adjust Face Tilt, another new feature, can automatically adjust the position of a person's face to make sure everybody in the shot is looking in the right direction. This feature joins other existing portrait editing features like those that can add a smile or cut down on redeye.


Customizable Quote Graphics can be added to images, with Photoshop Elements offering pre-set templates, animation options, and customization tools.


There are several new Guided Edits, a feature designed to walk users through the steps needed to achieve different photo effects and looks. Duotones lets users apply two colors to an image for a unique effect, while Perfect Landscapes provides the steps for replacing skies, removing haze, and erasing unwanted objects.


For Premiere Elements 2021, Adobe's video editing software, there's a new Select Object feature that can apply a special effect to just one section of a video, with that special effect tracking throughout the video playback.


GPU Accelerated Performance will let visual effects in elements be previewed without the need to render for faster editing, and cropping videos will take less time. Adobe is also adding 21 music tracks that can be added to videos, and there are new tools for backing up albums, keywords, tags, and more.

New Guided Edits include Double Exposure for playing a video within a photo and Animated Matte Overlays for applying different shapes and animation styles to full videos.

For more on what's new in Photoshop Elements and Premiere Elements, make sure to check out Adobe's website. The updates are available for purchase from Adobe for $99 each starting today, with bundle and upgrade pricing available.
Tags: Adobe, Photoshop Elements, Premiere Elements

This article, "Adobe Launches Premiere and Photoshop Elements 2021" first appeared on MacRumors.com

Discuss this article in our forums



from MacRumors: Mac News and Rumors - All Stories https://ift.tt/2GNEu0F
at No comments:
Labels:

Deals: Save on New 11-Inch and 12.9-Inch iPad Pro in Latest Sales From Amazon and Tiger Direct (Up to $75 Off)

Amazon and Tiger Direct today are discounting a variety of 2020 iPad Pro models, including both 11-inch and 12.9-inch devices. To start, you can get the 128GB Wi-Fi 11-inch iPad Pro for $749.99 at Amazon, down from $799.00.

Note: MacRumors is an affiliate partner with these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Stock on this model is dwindling so be sure to pick it up soon if you're interested. You can lock in the sale price today, and the iPad Pro will begin shipping October 20. This is a match of the previous low price seen on this model.

$49 OFF
11-Inch iPad Pro (128GB Wi-Fi) For $749.99


Check out more 11-inch iPad Pro tablets on sale below:
  • 256GB Wi-Fi - $849.99 at Amazon, down from $899.00 ($49 off)

  • 512GB Wi-Fi - $1,039.00 at Tiger Direct, down from $1,099.00 ($60 off, lowest price)

  • 1TB Wi-Fi - $1,229.99 at Tiger Direct, down from $1,299.00 ($70 off, lowest price)


For 12.9-inch models, there are a few solid ongoing deals at both Amazon and Tiger Direct. You can get the 128GB Wi-Fi 12.9-inch iPad Pro from 2020 for $949.00 at Amazon, down from $999.00.

$50 OFF
12.9-Inch iPad Pro (128GB Wi-Fi) For $949.00


Check out more 12.9-inch iPad Pro tablets on sale below:
  • 256GB Wi-Fi - $1,039.00 at Amazon, down from $1,099.00 ($60 off, lowest price)

  • 512GB Wi-Fi - $1,229.00 at Tiger Direct, down from $1,299.00 ($70 off, lowest price)

  • 1TB Wi-Fi - $1,424.05 at Amazon (price seen at checkout), down from $1,499.00 ($74.95 off, lowest price)

  • 256GB Cellular - $1,219.00 at Amazon, down from $1,249.00 ($30 off)
For even more iPad deals, head to our full Best Deals guide for iPad. In that guide we track the best discounts online for iPad, iPad mini, iPad Air, and iPad Pro.
Related Roundup: Apple Deals

This article, "Deals: Save on New 11-Inch and 12.9-Inch iPad Pro in Latest Sales From Amazon and Tiger Direct (Up to $75 Off)" first appeared on MacRumors.com

Discuss this article in our forums



from MacRumors: Mac News and Rumors - All Stories https://ift.tt/3iICGmT
at No comments:
Labels:

Apple Applies for Trademark of 'iPhone for Life' in Hong Kong

Apple has applied for a trademark on the phrase "iPhone for Life" in Hong Kong, according to a partly-private filing discovered by Patently Apple.



The phrase "‌iPhone‌ for Life" is reportedly associated with telecoms providers and third-party Apple resellers, including U.S. carrier Sprint, to advertise ‌iPhone‌ rental programs. Apple itself has never used the expression.

The application was filed in early September 2020 by legal representatives hired by Apple in Hong Kong. It seeks to cover use of the phrase for "Retail store services and retail store services provided via communications networks" as well as "Financial services; financing services; banking services; financing of loans; extension of retail credit; installment loans; lease-purchase financing."

The trademark application does not specifically reveal how Apple may be intending to use it, but suggests that it could perhaps be used for a new direct-from-Apple ‌iPhone‌ rental program, or simply to block use of the phrase by other companies. Alternately, the trademark may be used to rebrand or rename the existing ‌iPhone‌ Upgrade Program.
Tags: Sprint, trademark, Hong Kong, iPhone Upgrade Program

This article, "Apple Applies for Trademark of 'iPhone for Life' in Hong Kong" first appeared on MacRumors.com

Discuss this article in our forums



from MacRumors: Mac News and Rumors - All Stories https://ift.tt/30LXrb5
at No comments:
Labels:
Subscribe to: Comments (Atom)