Apple Buys Security Firm LegbaCore That Exposed Vulnerabilities in OS X
Apple has acquired LegbaCore, a security firm that has in the past pointed out vulnerabilities in its firmware. The Cupertino-based company quietly made the acquisition last year.
As part of the buyout, which was revealed by security researcher Trammell Hudson in a presentation back last month (via MacRumors), Xeno Kovah and Corey Kallenberg, two researchers at the firm joined Apple as full-time employees in November 2015.
For those not familiar with LegbaCore’s work, the team has found multiple vulnerabilities in what is otherwise considered very secure, OS X firmware. In fact, Apple credited the two researchers twice last year for finding vulnerabilities in its products.
Last year, Hudson and Kovah developed first-of-its-kind malware that impacted OS X’s firmware – Thunderstrike 2. The proof-of-concept worm that they created exposed potential security flaw on Apple’s computing devices.
Kovah tweeted recently that Apple began discussions with them last year. Going by his tweets, Applefound their work “highly impactful” and deemed it worthy enough to acquire their firm.
“We focus on security at the deepest darkest levels of computer systems. Specifically the areas where attackers can persist indefinitely without fear of detection, because you have zero visibility at that level,” the firm’s website describes them.
Apple’s decision to acquire LegbaCore could be instrumental in inspiring many more talented security researchers to take the right route and work with commendable companies to use their skills for good. As we have seen before, there’s a black market out there, with many talented hackers wasting their skills doing something illegal.