Pwn2Own Vancouver 2024 hacking competition is over. Hackers earned $1,132,500 for showing 29 unique zero-days.
Participants in the Pwn2Own Vancouver 2024 hacking competition earned $1,132,500 for demonstrating 29 unique zero-days. On the first day, Team Synacktiv successfully demonstrated exploits against a Tesla car.
By infosecbulletin
/ Tuesday , May 14 2024
On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely...
Read More
By infosecbulletin
/ Monday , May 13 2024
The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and...
Read More
By infosecbulletin
/ Monday , May 13 2024
Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its...
Read More
By infosecbulletin
/ Sunday , May 12 2024
Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found...
Read More
By infosecbulletin
/ Sunday , May 12 2024
Ransomware damage costs are predicted to exceed $265 billion by 2031, and it is expected to be the fastest growing...
Read More
By infosecbulletin
/ Saturday , May 11 2024
CISA, FBI, HHS, and MS-ISAC released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. It provides tactics, techniques, procedures, and...
Read More
By infosecbulletin
/ Saturday , May 11 2024
According to cybersecurity analysts at Dragos, while cloud adoption offers many benefits for industrial companies , it also poses certain...
Read More
By infosecbulletin
/ Friday , May 10 2024
Google released an urgent security update for Chrome browser. The update fixes a critical vulnerability that is already being exploited...
Read More
By infosecbulletin
/ Friday , May 10 2024
A security breach has been reported, with a threat actor claiming to be selling a database with 49 million customer...
Read More
By infosecbulletin
/ Thursday , May 9 2024
Eclypsium recently found flaws in F5’s BIG-IP Next Central Manager, which could let attackers take control of the network. BIG-IP...
Read More
The researcher Manfred Paul (@_manfp) won the Master of Pwn earning $202,500 and 25 points.
Participants demonstrated several zero-day exploits against various products such as Apple Safari, Google Chrome, and Microsoft Edge browsers, Windows 11, Ubuntu Desktop, VMware Workstation, Oracle VirtualBox, and Tesla. On Day Two, Manfred Paul (@_manfp) managed to escape the sandbox in Mozilla Firefox by exploiting an OOB Write for the RCE and an exposed dangerous function bug. He was rewarded with $100,000 and 10 Master of Pwn points for this successful hack.
Seunghyun Lee, a researcher from KAIST Hacking Lab, used a UAF to remotely execute code in Microsoft Edge and Google Chrome. He earned $85,000 and 9 Master of Pwn points.
The STAR Labs SG team showed the first Docker desktop escape at the Pwn2Own hacking competition by using two vulnerabilities, including a UAF. They won $60,000 and 6 Master of Pwn points.
The complete list of results for the first Two of the Pwn2Own Vancouver 2024 hacking competition is available here:
https://www.zerodayinitiative.com/blog/2024/3/21/pwn2own-vancouver-2024-day-two-results
Vendors have 90 days to fix the vulnerabilities found during the Pwn2Own hacking competition before they are publicly disclosed by TrendMicro’s Zero Day Initiative.