Monday , April 29 2024
pwn2own

29 0-days Uncovered : Hackers Earned $1,132,500 at Pwn2Own

infosecbulletin Saturday , March 23 2024 International

Pwn2Own Vancouver 2024 hacking competition is over. Hackers earned $1,132,500 for showing 29 unique zero-days.

Participants in the Pwn2Own Vancouver 2024 hacking competition earned $1,132,500 for demonstrating 29 unique zero-days. On the first day, Team Synacktiv successfully demonstrated exploits against a Tesla car.

Phoenix Summit 2024: Elevating Cyber security, Impact and Vision

By infosecbulletin / Sunday , April 28 2024
This May, Dhaka, Bangladesh, will host Phoenix Summit 2024, a landmark event in the global cyber security arena. Set from...
Read More
Phoenix Summit 2024: Elevating Cyber security, Impact and Vision

ALERT: SEKOIA REPORT
PlugX Malware Plagues Over 90k IP Addresses over 170 countries

By infosecbulletin / Saturday , April 27 2024
The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a...
Read More
ALERT: SEKOIA REPORT PlugX Malware Plagues Over 90k IP Addresses over 170 countries

Palo Alto network shared latest remediation of CVE-2024-3400

By infosecbulletin / Friday , April 26 2024
Palo Alto Networks has given urgent advice to the remediation of a critical vulnerability, known as CVE-2024-3400, which attackers have...
Read More
Palo Alto network shared latest remediation of CVE-2024-3400

CISA Launches Ransomware Vulnerability Warning Pilot for Critical Infrastructure

By infosecbulletin / Friday , April 26 2024
Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents. Many of these incidents...
Read More
CISA Launches Ransomware Vulnerability Warning Pilot for Critical Infrastructure

WhatsApp warns India to exit, If…

By infosecbulletin / Friday , April 26 2024
According to the report by several Indian media, social media platform Meta will withdraw its entire service from India if...
Read More
WhatsApp warns India to exit, If…

Fake e-mail of Rajshahi Univ VC’ name-picture, sending messages

By infosecbulletin / Friday , April 26 2024
Someone is pretending to be Rajshahi University Vice-Chancellor, Professor Dr. Golam Sabbir Sattar, by creating a fake email account and...
Read More
Fake e-mail of Rajshahi Univ VC’ name-picture, sending messages

Bad actor threat to expose BSNL 2.9 million data

By infosecbulletin / Friday , April 26 2024
Platform BreachForum, bad actor perell, same person who claimed to expose the data of "Bharat Sanchar Nigam Limited" BSNL for...
Read More
Bad actor threat to expose BSNL 2.9 million data

India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users

By infosecbulletin / Thursday , April 25 2024
“Our customers are our utmost priority and we are wholeheartedly dedicated to safe guarding their interests. It has come to...
Read More
India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users

CISA Releases Eight Industrial Control Systems Advisories

By infosecbulletin / Thursday , April 25 2024
CISA issued eight advisories about Industrial Control Systems (ICS) on April 25, 2024. The advisories share important information about security...
Read More
CISA Releases Eight Industrial Control Systems Advisories

Google fixed critical Chrome vulnerability CVE-2024-4058

By infosecbulletin / Thursday , April 25 2024
Google fixed a serious Chrome bug known as CVE-2024-4058 in the ANGLE graphics layer engine along with four vulnerabilities in...
Read More
Google fixed critical Chrome vulnerability CVE-2024-4058

The researcher Manfred Paul (@_manfp) won the Master of Pwn earning $202,500 and 25 points.

Participants demonstrated several zero-day exploits against various products such as Apple Safari, Google Chrome, and Microsoft Edge browsers, Windows 11, Ubuntu Desktop, VMware Workstation, Oracle VirtualBox, and Tesla. On Day Two, Manfred Paul (@_manfp) managed to escape the sandbox in Mozilla Firefox by exploiting an OOB Write for the RCE and an exposed dangerous function bug. He was rewarded with $100,000 and 10 Master of Pwn points for this successful hack.

Seunghyun Lee, a researcher from KAIST Hacking Lab, used a UAF to remotely execute code in Microsoft Edge and Google Chrome. He earned $85,000 and 9 Master of Pwn points.

The STAR Labs SG team showed the first Docker desktop escape at the Pwn2Own hacking competition by using two vulnerabilities, including a UAF. They won $60,000 and 6 Master of Pwn points.

The complete list of results for the first Two of the Pwn2Own Vancouver 2024 hacking competition is available here:

https://www.zerodayinitiative.com/blog/2024/3/21/pwn2own-vancouver-2024-day-two-results

Vendors have 90 days to fix the vulnerabilities found during the Pwn2Own hacking competition before they are publicly disclosed by TrendMicro’s Zero Day Initiative.

Check Also

india

WhatsApp warns India to exit, If…

According to the report by several Indian media, social media platform Meta will withdraw its …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin