Kaspersky reported one of the iOS vulnerabilities found in Operation Triangulation. However, in a bizarre update, Apple reportedly refused to pay the security bounty.
  • Kaspersky uncovered iOS vulnerabilities in ‘Operation Triangulation’, reported to Apple, but was refused bounty payment
  • Apple’s Security Bounty Program offers rewards up to $1 million for discovering vulnerabilities to prevent them from being sold on the dark web
  • Apple’s refusal to pay Kaspersky could be due to restrictions on financial transactions with companies in sanctioned countries like Russia.
    • alcoholicorn@lemmy.mlEnglish
      1·
      24 days ago

      Apple could have tried to work with them and said something like “We’ll pay when the embargo ends”, since now Kapersky has every reason to sell their next apple exploit on the black market.

      They’ve just turned a department of people successfully working to make apple more secure into a department of people working to make it less secure.

      • mindlight@lemm.eeEnglish
        1·
        24 days ago

        Apple could have tried to work with them and said something like “We’ll pay when the embargo ends”

        …aaaaand that would most likely be trying to circumvent the sanctions by essentially receiving credit from Kaspersky on delivered services.

        Not saying the situation is optional, but the sanctions would be extremely toothless if it was that easy to circumvent.

        • ours@lemmy.worldEnglish
          1·
          24 days ago

          How is holding the money until (and if) the sanctions are lifted, “circumventing”?

          However unlikely it would be, if the sanctions are lifted (maybe Russia gets a new, sane Government, calls off its invasion, stops its international shenanigans), wouldn’t it be OK to pay this company then?