PWN2OWN – Page 5 – WindowsTechs.com

Pwn2Own hackers go remote, then crack macOS and Oracle machines anyway

Posted on March 20, 2020 by Jeff Stone

If any demographic should be set up to work remotely, it’s hackers. The Pwn2Own hacking contest, in which security researchers earn rewards by uncovering flaws in commercial technology, closed its spring 2020 edition Thursday after participants probed systems like the macOS and Oracle VirtualBox. It’s a premier competition that global technology firms now use to recruit bug hunters who might be able to help protect widely used products. Unlike prior contests, which have taken place in Vancouver and Miami, organizers conducted much of this tournament online amid the novel coronavirus pandemic. For participants, it didn’t seem to make much of a difference. The @Synacktiv team of @OnlyTheDuck and @BrunoPujos are setting up for their attempt against #VMware Workstation. #Pwn2Own pic.twitter.com/s3WGTG9plI — Zero Day Initiative (@thezdi) March 19, 2020 The winning team, called Fluoroacetate, made up of researchers Amat Cama and Richard Zhu, demonstrated ways to crack Microsoft Windows and Adobe […]

The post Pwn2Own hackers go remote, then crack macOS and Oracle machines anyway appeared first on CyberScoop.

Continue reading Pwn2Own hackers go remote, then crack macOS and Oracle machines anyway→

Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment

Posted on January 22, 2020 by Tara Seals

The competition targets the systems that run critical infrastructure and more. Continue reading Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment→

Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked

Posted on November 18, 2019 by Elizabeth Montalbano

White-hat hackers using never-before-seen zero days against popular applications and devices against competed at two-day gathering in Chengdu. Continue reading Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked→

Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers

Posted on November 8, 2019 by Tara Seals

The latest edition of the bi-annual hacking contest saw creative exploits in new device categories. Continue reading Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers→

Pwn2Own Expands Into Industrial Control Systems Hacking

Posted on October 28, 2019 by Lindsey O'Donnell

White-hat hackers will now have the chance to win $20,000 for sniffing out remote code-execution flaws in industrial control systems. Continue reading Pwn2Own Expands Into Industrial Control Systems Hacking→

Pwn2Own hacking competition expands to industrial control systems

Posted on October 28, 2019 by Sean Lyngaas

For years, Pwn2Own, a competition that rewards researchers for finding previously unknown software flaws, has focused on code used in enterprise IT networks rather than programs that supports critical infrastructure operations. That is all going to change in January, when the contest heads to Miami and exposes white-hat hackers to popular software and protocols used in industrial control systems (ICS). Contestants will have a matter of minutes to demonstrate zero-day exploits that they’ve developed beforehand. Cash prizes worth $250,000 will be available to winners, Zero Day Initiative (ZDI), the organization that runs Pwn2Own, said Monday. For an ICS industry accustomed to non-disclosure agreements related to security testing, the Pwn2Own free-for-all format is a “radical concept,” said Dale Peterson, the founder of the annual S4 security conference, which will host the Pwn2Own competition. The vulnerabilities that Pwn2Own participants discover are revealed to the vendor responsibly so they can be fixed. “That’s saying, ‘We have some confidence in our equipment. […]

The post Pwn2Own hacking competition expands to industrial control systems appeared first on CyberScoop.

Continue reading Pwn2Own hacking competition expands to industrial control systems→

VMware patches critical vulnerabilities

Posted on April 2, 2019 by Danny Bradbury

VMware has released patches for several critical security vulnerabilities, days after two were unveiled at Pwn2Own. Continue reading VMware patches critical vulnerabilities→

Tesla Model 3’s onboard browser attacked successfully at Pwn2Own

Posted on March 25, 2019 by Joe Warminsky

A prolific duo of white-hat hackers exploited a previously unknown flaw in the web browser for the Tesla Model 3’s infotainment system on the third and final day of the Pwn2Own competition in Vancouver, demonstrating the first automotive zero-day in the event’s history. Team “Flouroacetate” — aka Amat Cama and Richard Zhu — used the Tesla hack on Friday to cap off a dominant run in the competition, which takes place annually during the CanSecWest security conference. Cama and Zhu successfully demonstrated zero-day exploits on popular web browsers and widely used virtualization software during the first two days. The Zero Day Initiative (ZDI), the organization that runs Pwn2Own, didn’t release many details about the Tesla hack. Given the sensitivity of any flaws in automotive software, it’s hardly surprising. But the value of Cama and Zhu’s research to Tesla is clear: Not only did they win cash for their demonstration, they […]

The post Tesla Model 3’s onboard browser attacked successfully at Pwn2Own appeared first on CyberScoop.

Continue reading Tesla Model 3’s onboard browser attacked successfully at Pwn2Own→

Firefox, Edge, Safari, Tesla & VMware pwned at Pwn2Own

Posted on March 23, 2019 by Waqas

By Waqas
Pwn2Own 2019 has yet again proved that a secure system is nothing else but a myth. In its two days running, the contest has claimed many high-profile victims including the likes of Tesla, Firefox, and Safari. Pwn2Own is an annual hacking conte… Continue reading Firefox, Edge, Safari, Tesla & VMware pwned at Pwn2Own→

Mozilla Firefox, Microsoft Edge succumb in web browser competition at Pwn2Own

Posted on March 22, 2019 by Joe Warminsky

The first day of this year’s Pwn2Own competition featured successful zero-day exploits on a popular web browser, and day two was no different, with the “Fluoroacetate” duo of Amat Cama and Richard Zhu turning their attention to Mozilla’s Firefox and Microsoft’s Edge. The team took home another $180,000 for their attacks, bringing their overall winnings to $340,000 for the competition, which highlights critical bugs in widely distributed software. Thursday’s winners also included Niklas Baumstark, who won $40,000 for a Firefox attack, and Arthur Gerkis of Exodus Intelligence, who won $50,000 for successfully targeting Edge. Competitors spend months preparing for the annual Pwn2Own hacking contest in Vancouver, which takes place during the CanSecWest security conference. Participants are tasked with trying to find vulnerabilities in widely used technology, and rewarded with cash prizes. They are only given a short amount of time to demonstrate their exploits for the crowd and judges. Team Flouroacetate’s attacks on […]

The post Mozilla Firefox, Microsoft Edge succumb in web browser competition at Pwn2Own appeared first on CyberScoop.

Continue reading Mozilla Firefox, Microsoft Edge succumb in web browser competition at Pwn2Own→