Kaspersky reported one of the iOS vulnerabilities found in Operation Triangulation. However, in a bizarre update, Apple reportedly refused to pay the security bounty.
  • Kaspersky uncovered iOS vulnerabilities in ‘Operation Triangulation’, reported to Apple, but was refused bounty payment
  • Apple’s Security Bounty Program offers rewards up to $1 million for discovering vulnerabilities to prevent them from being sold on the dark web
  • Apple’s refusal to pay Kaspersky could be due to restrictions on financial transactions with companies in sanctioned countries like Russia.
  • cbarrick@lemmy.worldEnglish
    1376·
    1 year ago

    Apple Security Bounty awards may not be paid to you if you are in any U.S. embargoed countries or on the U.S. Treasury Department’s list of Specially Designated Nationals, the U.S. Department of Commerce Denied Person’s List or Entity List, or any other restricted party lists.

    Kaspersky can whine all they want. Russia is embargoed. They’re not getting their money.

    Kaspersky is a good company doing good work in the cyber security space. Unfortunately, because of the embargo, they may have to turn to the black market to sell future exploits. Or maybe not; I’m not totally sure what kind of ethical standards they have.

      • alcoholicorn@lemmy.mlEnglish
        5610·
        1 year ago

        Apple could have tried to work with them and said something like “We’ll pay when the embargo ends”, since now Kapersky has every reason to sell their next apple exploit on the black market.

        They’ve just turned a department of people successfully working to make apple more secure into a department of people working to make it less secure.