Pwn2Own Vancouver 2024 hacking competition is over. Hackers earned $1,132,500 for showing 29 unique zero-days.
Participants in the Pwn2Own Vancouver 2024 hacking competition earned $1,132,500 for demonstrating 29 unique zero-days. On the first day, Team Synacktiv successfully demonstrated exploits against a Tesla car.
By infosecbulletin
/ Sunday , April 28 2024
This May, Dhaka, Bangladesh, will host Phoenix Summit 2024, a landmark event in the global cyber security arena. Set from...
Read More
By infosecbulletin
/ Saturday , April 27 2024
The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a...
Read More
By infosecbulletin
/ Friday , April 26 2024
Palo Alto Networks has given urgent advice to the remediation of a critical vulnerability, known as CVE-2024-3400, which attackers have...
Read More
By infosecbulletin
/ Friday , April 26 2024
Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents. Many of these incidents...
Read More
By infosecbulletin
/ Friday , April 26 2024
According to the report by several Indian media, social media platform Meta will withdraw its entire service from India if...
Read More
By infosecbulletin
/ Friday , April 26 2024
Someone is pretending to be Rajshahi University Vice-Chancellor, Professor Dr. Golam Sabbir Sattar, by creating a fake email account and...
Read More
By infosecbulletin
/ Friday , April 26 2024
Platform BreachForum, bad actor perell, same person who claimed to expose the data of "Bharat Sanchar Nigam Limited" BSNL for...
Read More
By infosecbulletin
/ Thursday , April 25 2024
“Our customers are our utmost priority and we are wholeheartedly dedicated to safe guarding their interests. It has come to...
Read More
By infosecbulletin
/ Thursday , April 25 2024
CISA issued eight advisories about Industrial Control Systems (ICS) on April 25, 2024. The advisories share important information about security...
Read More
By infosecbulletin
/ Thursday , April 25 2024
Google fixed a serious Chrome bug known as CVE-2024-4058 in the ANGLE graphics layer engine along with four vulnerabilities in...
Read More
The researcher Manfred Paul (@_manfp) won the Master of Pwn earning $202,500 and 25 points.
Participants demonstrated several zero-day exploits against various products such as Apple Safari, Google Chrome, and Microsoft Edge browsers, Windows 11, Ubuntu Desktop, VMware Workstation, Oracle VirtualBox, and Tesla. On Day Two, Manfred Paul (@_manfp) managed to escape the sandbox in Mozilla Firefox by exploiting an OOB Write for the RCE and an exposed dangerous function bug. He was rewarded with $100,000 and 10 Master of Pwn points for this successful hack.
Seunghyun Lee, a researcher from KAIST Hacking Lab, used a UAF to remotely execute code in Microsoft Edge and Google Chrome. He earned $85,000 and 9 Master of Pwn points.
The STAR Labs SG team showed the first Docker desktop escape at the Pwn2Own hacking competition by using two vulnerabilities, including a UAF. They won $60,000 and 6 Master of Pwn points.
The complete list of results for the first Two of the Pwn2Own Vancouver 2024 hacking competition is available here:
https://www.zerodayinitiative.com/blog/2024/3/21/pwn2own-vancouver-2024-day-two-results
Vendors have 90 days to fix the vulnerabilities found during the Pwn2Own hacking competition before they are publicly disclosed by TrendMicro’s Zero Day Initiative.