Date: Wednesday, February 3rd, 2016, 08:10
Category: security, Uncategorized
When in doubt, buy one of the best security firms you can get your hands on.
Back in November of 2015, Apple quietly acquired security consultancy firm LegbaCore. The acquisition was initially revealed back in December by security researcher Trammell Hudson during a presentation at the 32C3 conference. The acquisition was further corroborated by a series of tweets from founder Xeno Kovah and the company’s website, which states that it is “not accepting any new customer engagements.”
The specific details are unclear, although Kovah and his partner Corey Kallenberg are working full-time at Apple, although their specific roles are unclear. Kovah only stated that he and Kallenbeg would be working on “low level security” at the company.
LegbaCore and Trammell Hudson were the first to discover the first firmware worm that could affect Macs in Thunderstrike 2, which was publicly revealed last August. Thunderstrike 2 was able to survive a full erase and reinstall of OS X because it attacked firmware tied to specific hardware components. LegbaCore alerted Apple to the problem prior to making it public and Apple was able to begin patching it.
This may have been what opened the gate to the acquisition, as Apple began expressing interest in the purchase last summer. “As we were having discussions with Apple in the wake of our presentation this summer,” Kovah tweeted, “it became clear that Apple had some *very* interesting and highly impactful work that we could participate in.”
This isn’t entirely unexpected, the acquisition working more as a hire, and it never hurts to have some excellent security people around.