White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021

0

On the first place day of the Pwn2Own 2021 hacking competition, participants earned more than half a million dollars, cataloguing $440,000 for demonstrating exploits against Microsoft products.

The competition’s organizer, Be biased Micro’s Zero Day Initiative (ZDI), said there were seven try ons on the first day and five of them were successful.

A team called Devcore grossed $200,000 for taking complete control of a Microsoft Exchange server by chaining authentication give the go-by and local privilege escalation vulnerabilities.

A researcher who uses the online moniker OV was awarded $200,000 for a Microsoft Tandem join ups code execution exploit.

Another significant reward went to Jack Dates from RET2 Set-ups, who earned $100,000 for a kernel-level code execution exploit in Apple’s Safari web browser. The exploit leveraged an integer overflow and an out-of-bounds pen bug.

Also on the first day, Team Viettel earned $40,000 for a local authorization escalation vulnerability in Windows 10, and Ryota Shiga of Flatt Surveillance earned $30,000 for a privilege escalation flaw in Ubuntu Desktop.

Sharers also attempted to hack the Parallels Desktop and Oracle VirtualBox virtualization consequences, but they failed to demonstrate their exploits within the allotted dated.

On the second and third days of Pwn2Own 2021, white hat hackers will undertake to demonstrate exploits against Chrome and Edge, Zoom, Parallels Desktop, Microsoft Wall Street, Ubuntu, and Windows 10.

There is also an automotive category this year for batter Tesla cars. Participants have been offered up to $600,000 and a mechanism, but it seems no one has signed up for this category. A team of researchers did earn a Tesla bet on a support in 2019 when the automotive hacking category was introduced at Pwn2Own. In 2020, contenders didn’t have the opportunity to hack a Tesla due to the coronavirus pandemic.

The guerdon pool for Pwn2Own 2021 exceeds $1.5 million in cash and other receipts. At last year’s event, participants only earned $270,000 for their deeds.

Related: Researchers Earn $280,000 for Hacking Industrial Systems at Pwn2Own Miami

Linked: Routers, NAS Devices, TVs Hacked at Pwn2Own Tokyo 2020

Related: NETGEAR Router, WD NAS Tool Hacked on First Day of Pwn2Own Tokyo 2020

Related: Researchers Hack Windows, Ubuntu, macOS at Pwn2Own 2020

[embedded contented]

White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a prodigal school IT teacher for two years before starting a career in journalism as Softpedia’s assurance news reporter. Eduard holds a bachelor’s degree in industrial informatics and a Pooh-Bah’s degree in computer techniques applied in electrical engineering.

Previous Columns by Eduard Kovacs:
White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021Price tags:

Leave a Reply

Your email address will not be published. Required fields are marked *