A safety researcher has earned $100,000 for locating a Safari exploit on the Zero Day hackathon occasion.
As reported by MacRumors, safety researcher Jack Dates found a Safari to kernel zero-day exploit in the course of the occasion, incomes Dates $100,00.
Apple merchandise weren’t closely focused in Pwn2Own 2021, however on day one, Jack Dates from RET2 Methods executed a Safari to kernel zero-day exploit and earned himself $100,000. He used an integer overflow in Safari and an OOB write to get kernel-level code execution, as demoed within the tweet under.
Different hacking makes an attempt in the course of the Pwn2Own occasion focused Microsoft Trade, Parallels, Home windows 10, Microsoft Groups, Ubuntu, Oracle VirtualBox, Zoom, Google Chrome, and Microsoft Edge.
The Zero Day Initiative, because it explains on the website, encourages safety researchers to search out zero-day vulnerabilities by compensating them for his or her discoveries.
The Zero Day Initiative (ZDI) was created to encourage the reporting of 0-day vulnerabilities privately to the affected distributors by financially rewarding researchers. On the time, there was a notion by some within the data safety business that those that discover vulnerabilities are malicious hackers trying to do hurt. Some nonetheless really feel that means. Whereas expert, malicious attackers do exist, they continue to be a small minority of the whole quantity of people that really uncover new flaws in software program.
You may take a look at an summary of the Zero Day Initiative under: