In the Pwn2Own Automotive first edition, competitors earned $1,323,750 by hacking Tesla twice and demonstrating 49 zero-day bugs in various electric car systems from January 24 to January 26.
Hackers targeted electric vehicle chargers, infotainment systems, and car operating systems during a contest organized by Trend Micro’s Zero Day Initiative (ZDI) in Tokyo, Japan, at the Automotive World auto conference.
By infosecbulletin
/ Wednesday , May 15 2024
According to the Threatmon advanced threat monitoring platform, LockBit is in the top position in the category of top active...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
On Tuesday (May 14), CISA released four Industrial Control Systems (ICS) advisories which provide timely information about current security issues,...
Read More
By infosecbulletin
/ Wednesday , May 15 2024
Microsoft patched May 2024 Tuesday including updates for 61 flaws and three publicly disclosed zero days. This update fixed Microsoft...
Read More
By infosecbulletin
/ Tuesday , May 14 2024
On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely...
Read More
By infosecbulletin
/ Monday , May 13 2024
The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and...
Read More
By infosecbulletin
/ Monday , May 13 2024
Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its...
Read More
By infosecbulletin
/ Sunday , May 12 2024
Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found...
Read More
By infosecbulletin
/ Sunday , May 12 2024
Ransomware damage costs are predicted to exceed $265 billion by 2031, and it is expected to be the fastest growing...
Read More
By infosecbulletin
/ Saturday , May 11 2024
CISA, FBI, HHS, and MS-ISAC released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. It provides tactics, techniques, procedures, and...
Read More
By infosecbulletin
/ Saturday , May 11 2024
According to cybersecurity analysts at Dragos, while cloud adoption offers many benefits for industrial companies , it also poses certain...
Read More
Vendors have 90 days after a zero-day vulnerability is discovered and reported during Pwn2Own to fix it before Trend Micro’s Zero Day Initiative discloses it publicly.
Team Synacktiv won the Pwn2Own Automotive 2024 contest and received $450,000. Fuzzware.io got $177,500 and Midnight Blue/PHP Hooligans received $80,000.
Synacktiv hacked a Tesla car two times. On the first day, they found three vulnerabilities and gained root permissions on the Tesla Modem. On the second day, they demonstrated a Tesla Infotainment System sandbox escape using a two zero-day exploit chain.
They showed two different bug chains for the Ubiquiti Connect EV Station and the JuiceBox 40 Smart EV Charging Station. They also demonstrated a three-bug exploit for the Automotive Grade Linux OS.
Synactiv won the Pwn2Own Vancouver 2023 contest in March, earning $530,000 and a Tesla car for two exploit chains targeting its Gateway and Infotainment Unconfined Root.
Hackers won more than $1 million at Pwn2Own Toronto 2023 by discovering 58 zero-day exploits and various bugs in consumer products, including Samsung Galaxy S23, printers, surveillance systems, and NAS devices.
ZDI announced that Pwn2Own Vancouver 2024 will start on March 20th during CanSecWest 2024 Conference.
There will be a prize pool of more than $1,000,000 for finding vulnerabilities in software and automotive systems of Tesla Model 3 and Model S cars.