Pwn2Own 2016: Για άλλη μια φορά, τα μεγάλα προγράμματα περιήγησης βρέθηκαν στο στόχαστρο των hackers που έλαβαν μέρος στο διήμερο competition ασφαλείας Pwn2Own.
This two -day security gaps were presented on Google Chrome, Microsoft Edge, and Apple's Safari. A total of $ 460.000 were awarded for 21 vulnerabilities which were discovered in the three browsers, Windows, OS X, and of course Flash.
The total of last year's profits was 557.500 dollars.
The annual Pwn2Own contest is held annually by 2007 at the CanSecWest Safety Conference.
The goal of the contest is to violate widely used software and portable devices with vulnerabilities that have not been made public. The reward is cash and awards.
The name of the contest comes from the fact that contestants have to Pwn (another way to say "hack") the device in order to become "their" (to Own or 2Own)
Of the three browsers, Chrome did better. Two attempts were made to breach the program: one failed and the other was deemed partially successful. The latest Exploit had already been mentioned to Google, so it did not attribute to the hacker all profits.
But Edge and Safari did not manage to escape from any attack. Two attempts were made in the Microsoft browser and three attempts in the Apple browser.
All attempts were successful (2 / 2 for Edge and 3 / 3 for Safari). The biggest prize money for a single effort was $ 85.000 for a Microsoft Edge pwning.
The 21 security gaps shown:
- Microsoft Windows: 6
- Apple OS X: 5
- Adobe Flash: 4
- Apple Safari: 3
- Microsoft Edge: 2
- Google Chrome: 1 (already reported to the company)
Firefox is completely missing from the list.
https://www.youtube.com/watch?v=DOmzWKW-mto
https://www.youtube.com/watch?v=Sh8pveFv2DI