What Apple’s FaceTime vulnerability can teach us about responsible disclosure

What Apple’s FaceTime vulnerability can teach us about responsible disclosure

Earlier this month, a critical FaceTime security vulnerability was found by an ordinary 14-year-old and reported by his mother to Apple. The discovery of this bug, and the struggle to report it, serves as an eye-opener for many organisations. Responsible disclosure can be challenging, even for those operating an invite-only bug bounty programme, such as Apple. No company wants to be the last to hear about a critical vulnerability an end-user found in their product or website. So how can organisations better work with hackers to find their critical vulnerabilities fast? There are several best practices any company can follow to increase the chances for disclosure success.

Copyright Lyonsdown Limited 2020

Top Articles

Universal Health Services lost $67m to a Ryuk ransomware attack last year

Universal Health Services said the cyber attack cost it $67 million in remediation efforts, loss of acute care services, and other expenses.

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Related Articles