Search Results for 'pwn2own'

Pwn2Own 2014: All Browsers Defeated

By | March 19, 2014 | 0 Comments

Pwn2Own 2014: All Browsers DefeatedIt looks like this year’s Pwn2Own hacking contest was pretty eventful and all web browsers got their asses kicked.

On the first day, a team from France has successfully hacked Internet Explorer 11, Firefox and Adobe Flash Player. The very same research firm also managed to find a vulnerability in Google Chrome, which affects both WebKit and Blink rendering engines.

Next day Sebastian Apelt and Andreas Schmidt have demonstrated a browser based exploit against Microsoft’s web browser, followed by a Chinese team that managed to bypass Safari’s sandbox and run remote code execution through it.
Continue Reading

Pwn2Own 2013: All Browsers Fail

By | March 8, 2013 | 17 Comments

Pwn2Own 2013: All Browsers FailNo one cared about Safari.

With the Pwn2Own hacking contest coming to an end, it was revealed that every major web browser was hacked.

Google Chrome exploit allowed for a full breakout from its invincible sandbox resulting in a $100,000 reward, while both Firefox and Internet Explorer were exploited by a security firm VUPEN, resulting in a total of $160,000 in bounty payments ($60,000 and $100,000 respectively).

What about Safari? As it turns out, no one even pre-registered for Apple’s web browser this year despite the $75,000 prize.
Continue Reading

Download Firefox 11 Final

By | March 15, 2012 | 5 Comments

Download Firefox 11 FinalEven though the final Firefox 11 build was supposed to be delayed due to the security flaw, which was discovered during the Pwn2Own content, it looks like Mozilla went ahead and fixed everything just in time.

However, it looks like the Firefox devs will have to start buying cakes of their own as Microsoft halted the tradition, thanks to the faster development cycles.

So what’s new in Firefox 11?
Continue Reading

Google Chrome Pwn2Own Vulnerability Patched

By | March 9, 2012 | 2 Comments
Google Chrome Pwn2Own Vulnerability Patched

From left to right Jim Hebert, Cris Necker, Justin Schuh

Just 24 hours after reporting the critical vulnerability in Google’s Chrome web browser, the search giant has already released a patch to address the issue.

Identified as a bug CVE-2011-3046, discovered vulnerability is described as “UXSS and bad history navigation”, with no additional details revealed.
Continue Reading

Hackers Rejoice, Google Chrome Fails Twice

By | March 8, 2012 | 13 Comments

Hackers Rejoice, Google Chrome Fails TwiceSecurity contests prove to be useful.

Just as some might have thought that Google’s Chrome sandboxing feature is bullet proof, Sergey Glazunov, a security researcher who have found quite a few vulnerabilities in the fast, has enriched his life with a $60k reward, received for a “Full Chrome” exploit, which bypassed the sandbox feature. Although Google Chrome was previously known to withstand various attacks in Pwn2Own and similar contests, this time it was the first to fail.

Justin Schuh, Chrome’s security team member said, “It was an impressive exploit. It required a deep understanding of how Chrome works. This is not a trivial thing to do. It’s a very difficult and that’s why we’re paying $60,000.”
Continue Reading

Google Will Pay Up To $1 Million To The Google Chrome Hackers

By | March 2, 2012 | 4 Comments

Google Will Pay Up To $1 Million To The Google Chrome HackersThe keyword here is “up to”.

As if the Pwn2Own contest was not enough, Google will be holding its own competition at the CanSecWest security conference.

Called Pwnium, contest attendees will be asked to exploit the Google Chrome web browser and in return, will be rewarded as follows:
Continue Reading

Pwn2Own 2012 Is Coming

By | February 20, 2012 | 23 Comments

Pwn2Own 2012 Is ComingPwn2Own, a computer hacking contest, which will begin on March 7th in Vancouver, British Columbia, has slightly modified its concept, according to sources.

First of all, smartphone hacks have been dropped completely in favor of the web browser exploits against Internet Explorer, Firefox, Google Chrome and Safari running on both Windows and Mac operating systems.
Continue Reading

Google’s Chrome Sandbox Hacked

By | May 10, 2011 | 12 Comments

Googles Chrome Sandbox Hacked

The end is near.

After countless attempts, the almighty Sandbox has been bypassed by the French security company Vupen, which won the $15,000 cash prize just few months ago in the Pwn2Own contest for successfully hacking Safari web browser.

Although Google was unable to confirm such claim, the buzz is quickly spreading all over the Internet.
Continue Reading

Weekly Browsers Recap + Bonus Links, March 14th

By | March 14, 2011 | 0 Comments

Weekly Browsers Recap, March 14th

FavBrowser.com

Continue Reading

IE8 and Safari Fall on First Day of Pwn2own

By | March 11, 2011 | 13 Comments

Red Font Pwn

Pwn2Own, the yearly hacking contest held as part of the CanSecWest security conference, saw the successful hijacking of fully patched versions of Safari and Internet Explorer 8 this year. Ars Technica described Pwn2Own as the following:

If a researcher can pwn the browser—that is, make it run arbitrary code—then they get to own the hardware the browser runs on. This year, not only did they have to run arbitrary code, they also had to escape any sandboxes—restricted environments with reduced access to data and the operating system—that are imposed.

Continue Reading