Complaining of 'Surplus' of iOS Exploits, Zerodium Stops Buying Them
wiredmikey writes: An abundance of iOS exploits being submitted to be sold should alarm iPhone/iPad users, according to the CEO of exploit acquisition firm Zerodium. The company announced that it was no longer buying certain types of iOS exploits in the next two to three months [including local privilege escalation, Safari remote code execution, and sandbox escape exploits] due to a surplus. And the company expects prices to drop in the near future. "iOS Security is fucked," Chaouki Bekrar, CEO of Zerodium said on Twitter, noting that they are already seeing many exploits designed to bypass pointer authentication codes and a few zero-day exploits that can help an attacker achieve persistence on all iPhones and iPads. "Let's hope iOS 14 will be better," he added. Bekrar said that only pointer authentication codes — which provide protection against unexpected changes to pointers in memory — and the difficulty to achieve persistence "are holding [iOS security] from going to zero."
from Slashdot https://ift.tt/2TdlAmW
Read more of this story at Slashdot.
from Slashdot https://ift.tt/2TdlAmW
Related Posts :
Lenovo's ThinkPad X1 Nano Weighs Only 1.99 Pounds and Is Powered By Intel Tiger Lake CPUs- PayPal Pledges To Reach Net-Zero Greenhouse Emissions By 2040
- UK Broadcaster Wins Injunction To Stop Reddit Moderator Sharing Pirated TV Shows
- Apple Reveals Line of Attack in App Store Trial Against Epic
- Proctorio Is Using Racist Algorithms To Detect Faces
0 Response to "Complaining of 'Surplus' of iOS Exploits, Zerodium Stops Buying Them"
Post a Comment