Apple is known for its top-notch privacy and security capabilities. Apple products and services are currently being used by billions of people worldwide. Any security loopholes or threats can have extremely severe consequences. Naveen Kumar, a Security Engineer at Accubits Technologies, discovered a security bug in one of Apple’s applications and was enlisted in Apple Web Server Security Acknowledgements when he reported it.
Naveen identified a subdomain security issue on one of Apple’s websites. During his research, he discovered that one subdomain was not handling errors accurately, allowing attackers to inject any text or HTML code. This vulnerability patch would allow code-based attacks like HTML injection.
Apple acknowledges the individuals who identify and report the bug in its Hall of Fame. Apple only publishes the list after addressing and solving the security issue. The bug reporters are ranked according to the number of valid bug reports they have sent in, the severity, and how recent the report was. Naveen Kumar is working as a Security Engineer at Accubits Technologies, specializing in computer and network security, vulnerability assessment, malware analysis, and Incident Response. Naveen has participated in such bug bounty programs and has been featured in the Hall of Fame of various other organizations like Google, Zoho, Mozilla, cPanel, etc.