Home page logo
/

isn logo Information Security News mailing list archives

Plug-in pwning challenge brings Pwn2Own prizes to $US560K
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 22 Jan 2013 00:19:44 -0600 (CST)

http://www.theregister.co.uk/2013/01/22/pwn2own_web_plugin_prize/

By Iain Thomson in San Francisco
The Register
22nd January 2013

The organizers of the Pwn2Own hacking competition held at the annual CanSecWest security conference have upped the prize pool to $US560,000 and will now be offering prizes for hacking web plug-ins from Adobe and Oracle.

The contest, which dropped mobile phone hacking last year, has added web plug-in hacking to the prize pool. Contestants get $70,000 apiece for cracking Adobe Reader and Flash, and $20,000 for getting past Java. Based on the latter's recent parlous performance in the security arena that price discount seems justified.

"We've added browser plug-ins as a reflection of their increasing popularity as an attack vector," said Brian Gorenc, manager of vulnerability research at Pwn2Own sponsors HP DVLabs. "We want to demonstrate new hacking areas and design new mitigation techniques."

For the more traditional hacks against browsers, a working Chrome exploit for Windows 7 will net $100,000, with the same again for an IE10 hack in Windows 8 or $75,000 for breaking IE9 in Windows 7. A Safari exploit in OSX Mountain Lion is worth $65,000 and Firefox on Windows 7 just $60,000, and all hacks must be completed in a 30 minute time frame.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org

  By Date           By Thread  

Current thread:
  • Plug-in pwning challenge brings Pwn2Own prizes to $US560K InfoSec News (Jan 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault