NEW YORK, Aug. 01, 2024 (GLOBE NEWSWIRE) -- CertiK, the industry-leading Web3 security firm, was once again recognized by Apple for maintaining outstanding security measures and prioritizing customer protection to foster a robust ecosystem. In addition to its strong technical strength, CertiK maintains a customer security-first philosophy, which is the basis for building mutual trust with Apple.

July 29 marks the fifth time Apple has publicly thanked CertiK for assisting the company in discovering and fixing vulnerabilities; CertiK has thus become the Web3 security agency most publicly thanked by Apple.

During CertiK’s recent work with Apple, it identified and fixed the following two common vulnerabilities and exposures (CVEs):

 

CVE-2024-27863: CertiK discovered a core vulnerability in iOS 17.6, iPadOS 17.6, macOS Sonoma 14.6, and watchOS 10.6, which could have enabled an attacker to identify the structure of kernel memory. Apple addressed this vulnerability through improved private data editing of log entries.

 

Source: https://support.apple.com/en-us/HT214117

CVE-2024-27863: CertiK discovered a core vulnerability in iOS 17.6, iPadOS 17.6, macOS Sonoma 14.6, and watchOS 10.6, which could have enabled an attacker to identify the structure of kernel memory. Apple addressed this vulnerability through improved private data editing of log entries.

 

CVE-2024-27878: CertiK discovered a vulnerability related to ASP TCP in macOS Sonoma 14.6, which could have permitted arbitrary code execution with kernel privileges. Apple addressed this issue by improving buffer overflow through improved memory handling.

Source: https://support.apple.com/en-us/HT214119

 

CVE-2024-27878: CertiK discovered a vulnerability related to ASP TCP in macOS Sonoma 14.6, which could have permitted arbitrary code execution with kernel privileges. Apple addressed this issue by improving buffer overflow through improved memory handling.

CertiK’s comprehensive cybersecurity solutions cover multiple key areas:

  • Smart contract audits, which are conducted through a self-developed automated static analysis toolkit, and enhance the detection of potential defects and key risks — especially those that are difficult to detect through manual audits.
  • KYC service, which hinders malicious actors by verifying the identity of project owners and development teams, thus enhancing trust across Web3 and reducing fraud.
  • Skynet Rating system, which provides users with an analytical platform that displays risk factors of various blockchain projects, thereby enhancing user confidence and improving overall safety.
  • CertiK Alert, which provides real-time updates on security incidents, vulnerabilities, and other critical issues related to blockchain infrastructure and smart contracts.

CertiK is dedicated to pioneering security measures with a deep-seated commitment to protecting its clients. By cultivating a culture of trust and innovation, CertiK aims to set new cybersecurity benchmarks and exceed expectations by customers who rely on its products for safety and security.

Contact:
Elisa Yiting Xu
yiting.xu@certik.com

Photos accompanying this announcement are available at:

https://www.globenewswire.com/NewsRoom/AttachmentNg/52585a0a-b3c7-45ab-a2fe-56928525550e

https://www.globenewswire.com/NewsRoom/AttachmentNg/4e8936d1-cdf6-4443-9483-1b0efe933f14