Pwn2Own 2016: Once again, the big programs tours were targeted by hackers who took part in the two-day Pwn2Own security competition.
In this two-day period, security gaps were presented in Google Chrome, τον Microsoft Edge, και το Safari της Apple. Απονεμήθηκαν συνολικά 460.000 δολάρια για 21 vulnerabilities which were discovered in the three browsers, Windows, OS X, and of course Flash.
The total of last year's profits was 557.500 dollars.
The annual Pwn2Own contest is held annually by 2007 at the CanSecWest Safety Conference.
Στόχος του διαγωνισμού είναι να η παραβίαση ευρέως χρησιμοποιούμενου λογισμικού και φορητών συσκευών με τα vulnerable σημεία που δεν έχουν δημοσιοποιηθεί. Το αντάλλαγμα είναι μετρητά και βραβεία.
The name of the contest comes from the fact that contestants have to Pwn (another way to say "hack") the device in order to become "their" (to Own or 2Own)
Of the three browsers, Chrome went better. Two attempts were made to violate the program: One failed and the other was judged to be a partial success. The last exploit had already been reported to Google, so it did not yield any profits to the hacker.
Edge and Safari, however, were unable to escape any attack. Two attempts were made at browser Microsoft's and three attempts at Apple's browser.
All attempts were successful (2 / 2 for Edge and 3 / 3 for Safari). The biggest prize money for a single effort was $ 85.000 for a Microsoft Edge pwning.
The 21 security gaps shown:
- Microsoft Windows: 6
- Apple OS X: 5
- Adobe Flash: 4
- Apple Safari: 3
- Microsoft Edge: 2
- Google Chrome: 1 (already reported to the company)
Firefox is completely missing from the list.
https://www.youtube.com/watch?v=DOmzWKW-mto
https://www.youtube.com/watch?v=Sh8pveFv2DI