Apple refused to pay bounty to Kaspersky for uncovering vulnerability in 'Operation Triangulation'

TL;DR


1. Apple Refused to Pay Bounty to Kaspersky for Uncovering Vulnerability:
- Kaspersky, a cybersecurity firm, discovered a vulnerability in Apple's systems as part of their "Operation Triangulation" research.
- Despite the vulnerability being a significant finding, Apple refused to pay the bounty reward to Kaspersky, citing that the vulnerability was not eligible for their bug bounty program.
- This incident has raised concerns about the transparency and fairness of Apple's bug bounty program, as researchers argue that such discoveries should be recognized and rewarded.

2. Vulnerability Linked to "Operation Triangulation":
- The vulnerability uncovered by Kaspersky was part of a broader research project called "Operation Triangulation," which aimed to explore the security of various technology platforms.
- The research involved identifying and exploiting vulnerabilities in different systems, including Apple's, in order to understand the potential risks and improve overall security.
- Kaspersky's findings were intended to be shared with the affected companies, including Apple, to help them address the identified vulnerabilities and strengthen their security measures.

3. Implications for Apple's Bug Bounty Program:
- The refusal to pay the bounty to Kaspersky has sparked discussions about the transparency and fairness of Apple's bug bounty program.
- Researchers argue that such discoveries, even if not directly eligible for the program, should be recognized and rewarded to incentivize security research and responsible disclosure.
- This incident may also raise questions about the criteria and processes used by Apple in their bug bounty program, and whether they are adequately incentivizing security researchers to uncover and report vulnerabilities.

Like summarized versions? Support us on Patreon!