Wednesday , May 15 2024
pwn2own

29 0-days Uncovered : Hackers Earned $1,132,500 at Pwn2Own

infosecbulletin Saturday , March 23 2024 International

Pwn2Own Vancouver 2024 hacking competition is over. Hackers earned $1,132,500 for showing 29 unique zero-days.

Participants in the Pwn2Own Vancouver 2024 hacking competition earned $1,132,500 for demonstrating 29 unique zero-days. On the first day, Team Synacktiv successfully demonstrated exploits against a Tesla car.

Newly circulated reserve theft is false: Bangladesh Bank

By infosecbulletin / Tuesday , May 14 2024
On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely...
Read More
Newly circulated reserve theft is false: Bangladesh Bank

Bangladesh bank published CBS guideline Version 2.0

By infosecbulletin / Monday , May 13 2024
The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and...
Read More
Bangladesh bank published CBS guideline Version 2.0

Fortinet report
Attackers exploiting vulnerabilities 50% faster, just 4.76 days

By infosecbulletin / Monday , May 13 2024
Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its...
Read More
Fortinet report Attackers exploiting vulnerabilities 50% faster, just 4.76 days

TechCrunch report
Indian gov.t sites compromised to plant online betting ads

By infosecbulletin / Sunday , May 12 2024
Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found...
Read More
TechCrunch report Indian gov.t sites compromised to plant online betting ads

Damage Costs Predicted To Exceed $265 Billion By 2031
Ransomware expected to attack every 2 seconds by 2031

By infosecbulletin / Sunday , May 12 2024
Ransomware damage costs are predicted to exceed $265 billion by 2031, and it is expected to be the fastest growing...
Read More
Damage Costs Predicted To Exceed $265 Billion By 2031 Ransomware expected to attack every 2 seconds by 2031

ALERT CISA WARNS
Black Basta ransomware breached over 500 orgs worldwide

By infosecbulletin / Saturday , May 11 2024
CISA, FBI, HHS, and MS-ISAC released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. It provides tactics, techniques, procedures, and...
Read More
ALERT CISA WARNS Black Basta ransomware breached over 500 orgs worldwide

Cyber Attack On Data Center Cooling Systems results disruption

By infosecbulletin / Saturday , May 11 2024
According to cybersecurity analysts at Dragos, while cloud adoption offers many benefits for industrial companies , it also poses certain...
Read More
Cyber Attack On Data Center Cooling Systems results disruption

Chrome Zero-Day Alert — Update Your Browser to Patch

By infosecbulletin / Friday , May 10 2024
Google released an urgent security update for Chrome browser. The update fixes a critical vulnerability that is already being exploited...
Read More
Chrome Zero-Day Alert — Update Your Browser to Patch

Dell Discloses Data Breach: 49 million customers allegedly affected

By infosecbulletin / Friday , May 10 2024
A security breach has been reported, with a threat actor claiming to be selling a database with 49 million customer...
Read More
Dell Discloses Data Breach: 49 million customers allegedly affected

BIG VULNERABILITIES IN NEXT-GEN BIG-IP

By infosecbulletin / Thursday , May 9 2024
Eclypsium recently found flaws in F5’s BIG-IP Next Central Manager, which could let attackers take control of the network. BIG-IP...
Read More
BIG VULNERABILITIES IN NEXT-GEN BIG-IP

The researcher Manfred Paul (@_manfp) won the Master of Pwn earning $202,500 and 25 points.

Participants demonstrated several zero-day exploits against various products such as Apple Safari, Google Chrome, and Microsoft Edge browsers, Windows 11, Ubuntu Desktop, VMware Workstation, Oracle VirtualBox, and Tesla. On Day Two, Manfred Paul (@_manfp) managed to escape the sandbox in Mozilla Firefox by exploiting an OOB Write for the RCE and an exposed dangerous function bug. He was rewarded with $100,000 and 10 Master of Pwn points for this successful hack.

Seunghyun Lee, a researcher from KAIST Hacking Lab, used a UAF to remotely execute code in Microsoft Edge and Google Chrome. He earned $85,000 and 9 Master of Pwn points.

The STAR Labs SG team showed the first Docker desktop escape at the Pwn2Own hacking competition by using two vulnerabilities, including a UAF. They won $60,000 and 6 Master of Pwn points.

The complete list of results for the first Two of the Pwn2Own Vancouver 2024 hacking competition is available here:

https://www.zerodayinitiative.com/blog/2024/3/21/pwn2own-vancouver-2024-day-two-results

Vendors have 90 days to fix the vulnerabilities found during the Pwn2Own hacking competition before they are publicly disclosed by TrendMicro’s Zero Day Initiative.

Check Also

Paris

Outpost24 report
Cybersecurity Loopholes in Paris 2024 Olympics Infrastructure

The 2024 Olympic Games in Paris are coming soon. A recent cybersecurity assessment by Outpost24, …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin