Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative ZDI said in a report published last week. The vulnerabilities were demonstrated by three different teams from Qrious...

Pwn2Own Day 1 and 2: Samsung, HP, MikroTik & Netgear Pwned

By Habiba Rashid Here is everything you need to know about the first two days at the Pwn2Own hacking contest. This is a post from HackRead.com Read the original post: Pwn2Own Day 1 and 2: Samsung, HP, MikroTik & Netgear Pwned...

Sodinokibi Ransomware Group Sponsors Hacking Contest

White hats aren’t alone in holding hacking contests. Russian-language cybercriminals are known for running similar competitions on underground forums. However, an analysis of Dark Web activity has uncovered a trend towards offering increasingly high-stakes prizes during such battles. At the same...

Inside Pwn2Own's High-Stakes Industrial Hacking Contest

At Pwn2Own, hackers had no trouble dismantling systems that help run everything from car washes to nuclear plants...

GitLab Doles Out Half a Million Bucks to White Hats

GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...

This Week in Security News: Pwn2Own Adds Industrial Control Systems to Hacking Contest and Cyber Crooks Target ESports

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Among news from this week, learn about Pwn2Own’s new hacking contest that will take place in Miami next year. Also, as October was Cybersecurity...

Firefox, Edge, Safari, Tesla & VMware pwned at Pwn2Own

By Waqas Pwn2Own 2019 has yet again proved that a secure system is nothing else but a myth. In its two days running, the contest has claimed many high-profile victims including the likes of Tesla, Firefox, and Safari. Pwn2Own is an annual hacking contest held in Vancouver alongside the CanSecWest...

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X,...

Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers

Three major mobile phone models – the Samsung Galaxy S9, iPhone X and the Xiaomi Mi6 – failed to survive the hacker onslaught at this year’s Pwn2Own Tokyo 2018. In all, 18 exploits, with some attacks chaining together as many as five exploits, were used to own the three phones and earn hacker tea...

Vmware virtual machine escape Vulnerability CVE-2017-4901）Exploit code analysis and use-vulnerability and early warning-the black bar safety net

0×01 event analysis 2017 7 on 19 unamer in its github released a for Vmware virtual machine escape exploit source code, using C++. The alleged impact of Vmware Workstation 12.5.5 the previous version, and gives a demonstration of the process, to achieve a from the virtual machine to the host...

The Project Zero Contest — Google will Pay you $200,000 to Hack Android OS

Why waiting for researchers and bug hunters to know vulnerabilities in your products, when you can just throw a contest for that. Google has launched its own Android hacking contest with the first prize winner receiving $200,000 in cash. That's a Hefty Sum! The contest is a way to find and destro...

Announcing the Project Zero Prize

Posted by Natalie Silvanovich, Exploit Enthusiast Despite the existence of vulnerability rewards programs at Google and other companies, many unique, high-quality security bugs have been discovered as a result of hacking contests. Hoping to continue the stream of great bugs, we’ve decided to star...

Naval Academy Cadets Win NSA Hacking Contest

Midshipmen from the United States Naval Academy in have won the National Security Agency’s Cyber Defense Exercise CDX for the third time. Between April 13 and 17, the CDX pits the U.S. Naval, Air Force, Coast Guard, Merchant Marine and Military Academy and the Royal Military College of Canada...

All Major Browsers Fall At Pwn2Own Day Two

Two researchers on Thursday took down the four major browsers, Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari, as Pwn2Own, the annual hacking contest that runs in tandem at CanSecWest, wound down in Vancouver. The story of the day was Korean researcher Jung Hoon Lee...

Google Pwnium Program Now Open All Year

Google is expanding its successful Pwnium vulnerability reward program–which has run at various security conferences for a couple of years now–to run continuously and offer an unlimited pool of financial rewards. Pwnium originally was established as an alternative to the Pwn2Own hacking contest a...

HP's Zero Day Initiative Changes Bug-Buying Guidelines

HP’s Zero Day Initiative has decided to adjust its guidelines and criteria or buying some vulnerabilities in the future, eliminating some large classes of bugs from its menu. The group, which has been among the more visible and prominent of the vulnerability purchasing programs since its inceptio...

Windows Phone Sandbox Holds Up at Mobile Pwn2Own

The Mobile Pwn2Own hacking contest ended today as did the PacSec Applied Security Conference in Tokyo with hackers unable to gain complete control over a Windows Phone and the latest version of the Android mobile OS. Contest sponsors HP said two competitors, Nico Joly and Juri Aedla, were able to...

DEF CON SOHOpelessly Broken Wireless Router Hacking Contest

Home and small office wireless routers are feature-rich networking devices, providing consumers and mom-and-pop shops with much more than an Internet gateway. Some, for example, have a print server function, while others store personal files—and very few are secure out of the box. Hackers and...

Google adds its Chrome apps and extensions to Bug Bounty Program

Google's Vulnerability Reward Program which started in November 2010, offers a hefty reward to the one who find a good vulnerability in its products. Now Google is getting a little more serious about the security of its Chrome Browser and has expanded its Bug Bounty Program to include all Chrome...

Hackers Exploit BlackBerry Browser Bug !

Research in Motion has found a security flaw and recommended that user disable JavaScript in browsers on certain phones, threatening the BlackBerry maker's iron-clad reputation for security. "The issue could result in remote code execution on affected BlackBerry smartphones," the Waterloo,...