Pwn2Own hacking contest kicks off



The popular Pwn2Own security contest kicked off at the CanSecWest security conference.

The two-day hacking challenge pits security researchers against fully-patched versions of the latest desktop and smartphone web browsers and operating systems.


Aaron Portnoy, security research manager for contest sponsor DV Labs announced on Wednesday afternoon that Vupen Security achieved the first successful hack of the contest.

The group was able to exploit a vulnerability in Apple's Safari web browser to demonstrate remote code execution capabilities on a MacBook Pro running a fully-patched OS X.

Shortly after, Portnoy revealed that Harmony Security researcher Stephen Fewer was able to compromise a system running Internet Explorer.

The first contestants to demonstrate working exploits will be awarded a $15,000 prize from DVLabs as well as ownership of the compromised device.

The 2011 version of the Pwn2Own contest has been particularly anticipated. Google is offering researchers an extended prize of $20,000 for discovering and exploiting vulnerabilities in its Chrome web browser.

In the days leading up to the contest, Mozilla and Google all issued updates for vulnerabilities in their web browsers.

DVLabs parent company HP said that it would be using the vulnerabilities discovered in the contest to generate filters for its intrusion prevention system.

"Customers demand security solutions that will protect their data and applications from a wide variety of vulnerabilities, whether they are patched by the vendor or not," said HP DVLabs director Dan Holden.

"Sponsoring the Pwn2Own contest for the fifth consecutive year enables HP to remain on the leading edge of the security industry, so we can offer our clients unique protection against advanced attacks."

Taken From :
(Visited 27 times, 1 visits today)

Share this article if you found this post was useful:

Blogger at Love PHP, offensive security and web.
Contact him at me[-at-]

See all posts by || Visit Website :