Category Archives: PWN2OWN

Researchers earn thousands for exposing mobile device exploits at Pwn2Own

Posted on by

Security researchers competing in the Pwn2Own competition in Tokyo this week earned a collective $325,000 for demonstrating new exploits on devices made by Samsung, Xiaomi, and Apple. Pwn2Own, a series of contests run by the Zero Day Initiative, brings security researchers to compete to expose the most vulnerabilities in popular software and devices. The competition in Tokyo on Tuesday and Wednesday focused on mobile devices. Researchers showed off an array of different methods in which the devices could be compromised, according to blogs posted by the Zero Day Initiative. Among their conquests, a duo of hackers known as Fluoroacetate used near-field communication to force the Xiaomi Mi6 phone to a custom website. They then executed code on a Samsung Galaxy S9 using a baseband vulnerability, and successfully exfiltrated a deleted picture from an iPhone X. A team of researchers from MWR Labs, division of F-Secure, used a string of different bugs to force the Xiaomi Mi6 and […]

The post Researchers earn thousands for exposing mobile device exploits at Pwn2Own appeared first on Cyberscoop.

Continue reading Researchers earn thousands for exposing mobile device exploits at Pwn2Own

Hackers pwn Edge, Firefox, Safari, macOS, & VirtualBox at Pwn2Own 2018

Posted on by

By Waqas
The white hat hackers at Pwn2Own 2018, have once again proved
This is a post from HackRead.com Read the original post: Hackers pwn Edge, Firefox, Safari, macOS, & VirtualBox at Pwn2Own 2018
Continue reading Hackers pwn Edge, Firefox, Safari, macOS, & VirtualBox at Pwn2Own 2018

Hackers beat Firefox and Safari to earn $105K at Pwn2Own

Posted on by

Zero-day exploits earned hackers $105,000 in total on Thursday during the second day of the Pwn2Own contest in Vancouver, British Columbia. Packed into a small basement room, a rapt crowd watched as Richard Zhu successfully hacked Firefox and gained control of the target computer to win $50,000 and clinch the overall victory for the competition. That in addition to his wins Wednesday, when he earned $70,000 successfully targeting Microsoft Edge with an exploit that took him almost a week of work to develop. Zhu, a veteran of the world class Carnegie Mellon University capture the flag (CTF) team as well as previous Pwn2Own competitions, had a particularly memorable run against Microsoft Edge when he debugged his exploit on the fly and on the clock, succeeding on his third and final attempt. It followed a three-strike failure when Zhu opened the contest with an unsuccessful attempt to hack Safari, Apple’s default browser. “I put a lot of work into […]

The post Hackers beat Firefox and Safari to earn $105K at Pwn2Own appeared first on Cyberscoop.

Continue reading Hackers beat Firefox and Safari to earn $105K at Pwn2Own

Safari, Microsoft Edge exploits earn hackers $135k at Pwn2Own

Posted on by

Zero-day exploits netted hackers $135,000 in total on Wednesday during the Pwn2Own contest in Vancouver, British Columbia. Exploits targeting Apple Safari and Microsoft Edge web browsers were the highlight of Pwn2Own’s first day, a zero-day vulnerability hacking contest organized by Trend Micro’s Zero Day Initiative. Some of the best hackers in the world attended this year for a chunk of $2 million in prizes. One of the biggest wins of the day belonged to Samuel Groß (saelo) who successfully targeted Apple Safari with a macOS kernel escalation of privilege. He capped off his $65,000 payday with a bit of showmanship by signing the touchbar on a MacBook Pro: Success! Samuel Groß (@5aelo) manages to pop calc and brings back his trademark touchbar finesse. Now off to the disclosure room for confirmation and vendor notification. pic.twitter.com/REQh1kHBjB — Zero Day Initiative (@thezdi) March 14, 2018 Richard Zhu, a veteran of Pwn2Own, competed twice on Wednesday. […]

The post Safari, Microsoft Edge exploits earn hackers $135k at Pwn2Own appeared first on Cyberscoop.

Continue reading Safari, Microsoft Edge exploits earn hackers $135k at Pwn2Own

Sharing research and discoveries at PWN2OWN

Posted on by

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform t… Continue reading Sharing research and discoveries at PWN2OWN

China’s government is keeping its security researchers from attending conferences

Posted on by

The Chinese government has taken steps to bar its country’s security researchers from sharing their knowledge at some foreign cybersecurity events, especially those organized in Western countries, sources tell CyberScoop. A popular hacking competition that’s taking place March 14-16 in Vancouver, Canada, titled “Pwn2Own,” will be impacted by this recent shift in Chinese policy, event organizers say. “There have been regulatory changes in some countries that no longer allow participation in global exploit contests, such as Pwn2Own and Capture the Flag competitions,” explained Brian Gorenc, director of Trend Micro’s Zero Day Initiative, which manages the Pwn2Own event. A spokesperson for Trend Micro clarified that Gorenc’s comment was specifically aimed at China. There will be no Chinese research teams at Pwn2Own this year. The change will be especially obvious, past attendees told CyberScoop, because for the last several years Chinese teams have dominated the competition.   At Pwn2Own, teams compete to […]

The post China’s government is keeping its security researchers from attending conferences appeared first on Cyberscoop.

Continue reading China’s government is keeping its security researchers from attending conferences