Pwn2Own

Date: April 18–20, 2007
Time: Twice yearly
Duration: 2 to 4 days
Venue: CanSecWest security conference
Location: Various
Type: Hacking contest
Patron(s): Zero Day Initiative
Organized by: CanSecWest Applied Security Conference
Awards: Cash prizes
Website: CanSecWest Applied Security Conference

Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference. [1] First held in April 2007 in Vancouver, [2] the contest is now held twice a year, [3] most recently in March 2024. [4] Contestants are challenged to exploit widely used software [5] and mobile devices with previously unknown vulnerabilities. [6] Winners of the contest receive the device that they exploited and a cash prize. [7] The Pwn2Own contest serves to demonstrate the vulnerability of devices and software in widespread use while also providing a checkpoint on the progress made in security since the previous year.


History

Origins

The first contest in 2007 [1] was conceived and developed by Dragos Ruiu in response to his frustration with Apple Inc.'s lack of response [8] to the Month of Apple Bugs and the Month of Kernel Bugs, [9] as well as Apple's television commercials that trivialized the security built into the competing Windows operating system. [10] At the time, there was a widespread belief that, despite these public displays of vulnerabilities in Apple products, OS X was significantly more secure than any of its competitors. [8] On March 20, roughly three weeks before CanSecWest that year, Ruiu announced the Pwn2Own contest to security researchers on the DailyDave mailing list. [1] The contest was to include two MacBook Pros that he would leave on the conference floor hooked up to their own wireless access point. Any conference attendee who could connect to this wireless access point and exploit one of the devices would be able to leave the conference with that laptop. There was no monetary reward. [8] The name "Pwn2Own" was derived from the fact that contestants must "pwn" or hack the device in order to "own" or win it.

On the first day of the conference in Vancouver, British Columbia, Ruiu asked Terri Forslof of the Zero Day Initiative (ZDI) to participate in the contest. [5] ZDI has a program which purchases zero-day attacks, reports them to the affected vendor and turns them into signatures for its own network intrusion detection system, increasing its effectiveness. The vulnerabilities sold to ZDI are made public only after the affected vendor has issued a patch for them. [11] Forslof agreed to have ZDI offer to purchase any vulnerabilities used in the contest for a flat price of $10,000. [5] The first contest subsequently exposed a high-profile QuickTime flaw, which was disclosed to Apple on April 23 and patched in early May. [5]

In 2008 the scope of the Pwn2Own contest was expanded. [12] Targets included three laptops running the default installation of Windows Vista, OS X, or Ubuntu Linux. [13] Mobile devices were added in 2009. [6]

For 2012 the rules were changed to a capture-the-flag-style competition with a point system. [14] At that year's contest, Chrome was successfully exploited for the first time, by regular competitor VUPEN. [15] After withdrawing from the contest that year due to new disclosure rules, [16] Google returned as a sponsor in 2013, and the rules were changed to require full disclosure of exploits and techniques used. [17] In that year (2013) a single researcher was able to hack Chrome, Firefox and Internet Explorer, a trifecta hack. [18] Google ceased to be a sponsor of Pwn2Own in 2015. [19]

Recent years

In 2015, every web browser tested was successfully hacked and every prize won, totaling $557,500. Other prizes such as laptops were also given to winning researchers. [20] In 2018, the conference was much smaller and sponsored primarily by Microsoft, after China banned its security researchers from participating in the contest. [21]

Pwn2Own continues to be sponsored by Trend Micro's Zero Day Initiative, with ZDI reporting vulnerabilities to vendors before going public with the hacks. [3] Described as "one of the largest hacking contests in the world" by TechCrunch, [22] as of 2019 the contest continues to be held several times a year. [7] Pwn2Own Tokyo was held November 6 to November 7 in Tokyo, Japan, and was expected to hand out $750,000 in cash and prizes. [22] Hacks focus on browsers, virtual machines, computers, and phones. [3] In 2019, the contest added cars for the first time, with $900,000 offered for hacks exploiting Tesla software. [3] The same year, the contest added industrial control systems. [23]

Award system

Winners of the contest receive the device that they exploited and a cash prize. [7] Winners also receive a "Masters" jacket celebrating the year of their win.

List of successful exploits

The following list of notable hacks is incomplete.

| Hacker(s) | Affiliation | Year | Exploit Target | Version / OS | Source |
|---|---|---|---|---|---|
| Dino Dai Zovi | Independent | 2007 | QuickTime (Safari) | Mac OS X | [24] [25] |
| Shane Macaulay | Independent | 2007 | QuickTime (Safari) | Mac OS X | [25] [24] |
| Charlie Miller | ISE | 2008 | Safari (PCRE) | Mac OS X 10.5.2 | [26] [27] |
| Jake Honoroff | ISE | 2008 | Safari (PCRE) | Mac OS X 10.5.2 | [26] |
| Mark Daniel | ISE | 2008 | Safari (PCRE) | Mac OS X 10.5.2 | [26] |
| Shane Macaulay | Independent | 2008 | Adobe Flash (Internet Explorer) | Windows Vista Service Pack 1 | [28] |
| Alexander Sotirov | Independent | 2008 | Adobe Flash (Internet Explorer) | Windows Vista Service Pack 1 | [28] |
| Derek Callaway | Independent | 2008 | Adobe Flash (Internet Explorer) | Windows Vista Service Pack 1 | [28] |
| Charlie Miller | ISE | 2009 | Safari | Mac OS X | [29] [27] |
| Nils | Independent | 2009 | Internet Explorer 8 | Windows 7 Beta | [30] |
| Nils | Independent | 2009 | Safari | Mac OS X | [31] |
| Nils | Independent | 2009 | Mozilla Firefox | | [32] |
| Charlie Miller | ISE | 2010 | Safari | Mac OS X | [33] |
| Peter Vreugdenhil | Independent | 2010 | Internet Explorer 8 | Windows 7 | [33] |
| Nils | Independent | 2010 | Mozilla Firefox 3.6 | Windows 7 (64-bit) | [33] |
| Ralf-Philipp Weinmann | Independent | 2010 | iPhone 3GS | iOS | [33] |
| Vincenzo Iozzo | Independent | 2010 | iPhone 3GS | iOS | [33] |
| VUPEN | VUPEN | 2011 | Safari 5.0.3 | Mac OS X 10.6.6 | [34] |
| Stephen Fewer | Harmony Security | 2011 | Internet Explorer 8 (32-bit) | Windows 7 Service Pack 1 (64-bit) | [34] |
| Charlie Miller | ISE | 2011 | iPhone 4 | iOS 4.2.1 | [35] |
| Dion Blazakis | ISE | 2011 | iPhone 4 | iOS 4.2.1 | [35] |
| Willem Pinckaers | Independent | 2011 | BlackBerry Torch 9800 | BlackBerry OS 6.0.0.246 | [35] |
| Vincenzo Iozzo | Independent | 2011 | BlackBerry Torch 9800 | BlackBerry OS 6.0.0.246 | [35] |
| Ralf-Philipp Weinmann | Independent | 2011 | BlackBerry Torch 9800 | BlackBerry OS 6.0.0.246 | [35] |
| VUPEN | VUPEN | 2012 | Chrome | Windows 7 Service Pack 1 (64-bit) | [15] |
| VUPEN | VUPEN | 2012 | Internet Explorer 9 | Windows 7 | [36] |
| Willem Pinckaers | Independent | 2012 | Mozilla Firefox | | [37] |
| Vincenzo Iozzo | Independent | 2012 | Mozilla Firefox | | [37] |
| VUPEN | VUPEN | 2013 | Internet Explorer 10 | Windows 8 | [38] |
| VUPEN | VUPEN | 2013 | Adobe Flash | Windows 8 | [39] |
| VUPEN | VUPEN | 2013 | Oracle Java | Windows 8 | [39] |
| Nils | MWR Labs | 2013 | Chrome | Windows 8 | |
| Jon | MWR Labs | 2013 | Chrome | Windows 8 | |
| George Hotz | Independent | 2013 | Adobe Reader | Windows 8 | |
| Joshua Drake | Independent | 2013 | Oracle Java | Windows 8 | |
| James Forshaw | Independent | 2013 | Oracle Java | Windows 8 | |
| Ben Murphy | Independent | 2013 | Oracle Java | Windows 8 | |
| Pinkie Pie | Independent | 2013 (Mobile) | Chrome | Android | [40] |
| Nico Joly | VUPEN | 2014 (Mobile) | Windows Phone (Internet Explorer 11) | Windows 8.1 | |
| VUPEN | VUPEN | 2014 | Internet Explorer 11 | Windows 8.1 | |
| VUPEN | VUPEN | 2014 | Adobe Reader XI | Windows 8.1 | |
| VUPEN | VUPEN | 2014 | Chrome | Windows 8.1 | |
| VUPEN | VUPEN | 2014 | Adobe Flash | Windows 8.1 | |
| VUPEN | VUPEN | 2014 | Mozilla Firefox | Windows 8.1 | |
| Liang Chen, Zeguang Zhao | Keen Team, team509 | 2014 | Adobe Flash | Windows 8.1 | |
| Sebastian Apelt, Andreas Schmidt | Independent | 2014 | Internet Explorer 11 | Windows 8.1 | |
| Jüri Aedla | Independent | 2014 | Mozilla Firefox | Windows 8.1 | |
| Mariusz Młyński | Independent | 2014 | Mozilla Firefox | Windows 8.1 | |
| George Hotz | Independent | 2014 | Mozilla Firefox | Windows 8.1 | |
| Liang Chen, Zeguang Zhao | Keen Team, team509 | 2014 | Safari | OS X Mavericks | |
| Bernard Wagner, Kyle Riley | MWR Labs | 2014 | Amazon Fire Phone | Fire OS | [41] |
| Jung Hoon Lee, aka lokihardt | Independent | 2015 | Internet Explorer 11, Google Chrome, and Safari | | [20] |
| Nico Golde, Daniel Komaromy | Independent | 2015 (Mobile) | Samsung Galaxy S6 Baseband | Android | |
| Guang Gong | Qihoo 360 | 2015 (Mobile) | Nexus 6 Chrome | Android | |
| JungHoon Lee | Independent | 2016 | Microsoft Edge | Windows 10 | |
| Liang Chen, Qidan He, Marco Grassi, Yubin Fu | Tencent Security Team Sniper | 2016 | Safari | Mac OS X | [42] [43] [44] |
| 360Vulcan | Qihoo 360 | 2016 | Adobe Flash Player, Chrome | Windows 10 | [43] [44] |
| Liang Chen, Wayne Liang, Marco Grassi, Yubin Fu | Tencent Keen Security Lab | 2016 (Mobile) | Safari | iOS 10 | [45] [46] |
| Qidan He, Gengming Liu, Zhen Feng | Tencent Keen Security Lab | 2016 (Mobile) | Nexus 6P Chrome | Android | [46] |
| | | 2017 | iPhone 7, others | iOS 11.1 | |
| | | 2018 | | | |
| Fluoroacetate | Independent | 2019 (Mobile) | Amazon Echo Show 5 | | [47] |
| Pedro Ribeiro, Radek Domanski | Flashback | 2019 (Mobile) | NETGEAR Nighthawk Smart WiFi Router (LAN and WAN) | v3 (hardware) | [48] |
| Pedro Ribeiro, Radek Domanski | Flashback | 2019 (Mobile) | TP-Link AC1750 Smart WiFi Router (LAN and WAN) | v5 (hardware) | [49] |
| Mark Barnes, Toby Drew, Max Van Amerongen, and James Loureiro | F-Secure Labs | 2019 (Mobile) | Xiaomi Mi9 (Web Browser and NFC) | Android | [48] |
| Mark Barnes, Toby Drew, Max Van Amerongen, and James Loureiro | F-Secure Labs | 2019 (Mobile) | TP-Link AC1750 Smart WiFi Router (LAN and WAN) | v5 (hardware) | [49] |
| Yong Hwi Jin, Jungwon Lim, and Insu Yun | Georgia Tech Systems Software & Security Lab | 2020 (Desktop) | Apple Safari, with privilege escalation | macOS | [50] [51] |
| Richard Zhu | Fluorescence | 2020 (Desktop) | Microsoft Windows | Windows | [50] [51] |
| Manfred Paul | RedRocket | 2020 (Desktop) | Ubuntu Desktop | Ubuntu | [50] [51] |
| Amat Cama, Richard Zhu | Fluoroacetate | 2020 (Desktop) | Microsoft Windows | Windows | [50] [51] |
| Phi Phạm Hồng | STAR Labs | 2020 (Desktop) | Oracle VirtualBox | Windows | [50] [52] |
| Amat Cama, Richard Zhu | Fluoroacetate | 2020 (Desktop) | Adobe Reader, with privilege escalation | Windows | [50] [52] |
| Lucas Leong | Zero Day Initiative | 2020 (Desktop) | Oracle VirtualBox | Windows | [50] [52] |
| STAR Labs | | 2020 (Tokyo) | NETGEAR Nighthawk R7800 (LAN) | | [53] |
| Trapa Security | | 2020 (Tokyo) | Western Digital My Cloud Pro Series PR4100 | | [53] |
| Pedro Ribeiro, Radek Domanski | Flashback | 2020 (Tokyo) | NETGEAR Nighthawk R7800 (WAN) | | [53] |
| 84c0 | | 2020 (Tokyo) | Western Digital My Cloud Pro Series PR4100 | | [53] |
| Viettel Cyber Security | | 2020 (Tokyo) | Samsung Q60T | | [53] |
| Trapa Security | | 2020 (Tokyo) | NETGEAR Nighthawk R7800 (LAN) | | [53] |
| Pedro Ribeiro, Radek Domanski | Flashback | 2020 (Tokyo) | TP-Link AC1750 Smart WiFi | | [53] |
| Bugscale | | 2020 (Tokyo) | Western Digital My Cloud Pro Series PR4100 | | [53] |
| 84c0 | | 2020 (Tokyo) | NETGEAR Nighthawk R7800 (LAN) | | [53] |
| F-Secure Labs | | 2020 (Tokyo) | Samsung Q60T | | [53] |
| Sam Thomas | Pentest Ltd | 2020 (Tokyo) | Western Digital My Cloud Pro Series PR4100 | | [53] |
| Synacktiv | | 2020 (Tokyo) | TP-Link AC1750 Smart WiFi (LAN) | | [53] |
| DEVCORE | | 2020 (Tokyo) | Synology DiskStation DS418Play NAS | | [53] |
| DEVCORE | | 2020 (Tokyo) | Western Digital My Cloud Pro Series PR4100 | | [53] |
| Gaurav Baruah | | 2020 (Tokyo) | Western Digital My Cloud Pro Series PR4100 | | [53] |
| Viettel Cyber Security | | 2020 (Tokyo) | Sony X800 | | [53] |
| STAR Labs | | 2020 (Tokyo) | Synology DiskStation DS418Play NAS | | [53] |
| Jack Dates | RET2 Systems | 2021 (Vancouver) | Apple Safari, with privilege escalation | | [54] |
| DEVCORE | | 2021 (Vancouver) | Microsoft Exchange | | [54] |
| OV | | 2021 (Vancouver) | Microsoft Teams | | [54] |
| Viettel Cyber Security | | 2021 (Vancouver) | Microsoft Windows | Windows 10 | [54] |
| Ryota Shiga | Flatt Security Inc | 2021 (Vancouver) | Ubuntu Desktop | Ubuntu | [54] |
| Jack Dates | RET2 Systems | 2021 (Vancouver) | Parallels Desktop | | [54] |
| Bruno Keith, Niklas Baumstark | Dataflow Security | 2021 (Vancouver) | Google Chrome, Microsoft Edge | | [54] |
| Viettel Cyber Security | | 2021 (Vancouver) | Microsoft Exchange | | [54] |
| Daan Keuper, Thijs Alkemade | Computest | 2021 (Vancouver) | Zoom | Windows | [54] |
| Tao Yan | Palo Alto Networks | 2021 (Vancouver) | Microsoft Windows | Windows 10 | [54] |
| Sunjoo Park | | 2021 (Vancouver) | Parallels Desktop | | [54] |
| Manfred Paul | | 2021 (Vancouver) | Ubuntu Desktop | Ubuntu | [54] |
| z3r09 | | 2021 (Vancouver) | Microsoft Windows | Windows 10 | [54] |
| Benjamin McBride | L3Harris Trenchant | 2021 (Vancouver) | Parallels Desktop | | [54] |
| Steven Seeley | Source Incite | 2021 (Vancouver) | Microsoft Exchange | | [54] |
| Billy | STAR Labs | 2021 (Vancouver) | Ubuntu Desktop | Ubuntu | [54] |
| Fabien Perigaud | Synacktiv | 2021 (Vancouver) | Microsoft Windows | Windows 10 | [54] |
| Alisa Esage | | 2021 (Vancouver) | Parallels Desktop | | [54] |
| Vincent Dehors | Synacktiv | 2021 (Vancouver) | Ubuntu Desktop | Ubuntu | [54] |
| Da Lao | | 2021 (Vancouver) | Parallels Desktop | | [54] |
| Marcin Wiazowski | | 2021 (Vancouver) | Microsoft Windows | Windows 10 | [54] |
| Orange Tsai | DEVCORE Research Team | 2021 | Microsoft Exchange Server | Windows | [55] |
| Anonymous researcher | | 2021 | Microsoft Sharepoint Server | Windows | [55] |
| Abdelhamid Naceri (halov) | | 2021 | Lock screen bypass | Windows | [55] |
| Manfred Paul | | April 2021 | eBPF Privilege Escalation | Linux Kernel | [55] |
| Jack Dates | RET2 Systems, Inc. | 2021 | Safari RCE / WebKit / WebAssembly | Mac OS | [55] |

Yearly contests

2007

The contest took place from Thursday, April 18 to Saturday, April 20, 2007, in Vancouver. [2] The first contest was intended to highlight the insecurity of Apple's Mac OS X operating system since, at the time, there was a widespread belief that OS X was far more secure than its competitors. [8] Concerning rules, only two MacBook Pro laptops, one 13" and one 15", were left on the conference floor at CanSecWest and joined to a separate wireless network. Only certain attacks were allowed and these restrictions were progressively loosened over the three days of the conference. [8] Day 1 allowed remote attacks only, day 2 had browser attacks included, while day 3 allowed local attacks, where contestants could connect with a USB stick or Bluetooth. In order to win the 15" MacBook Pro, contestants would be required to further escalate their privileges to root after gaining access with their initial exploit.

The laptops were not hacked on the first day. After the $10,000 prize was announced by ZDI, Shane Macaulay called up former co-worker Dino Dai Zovi in New York and urged him to compete on the second day. [2] In one night, Dai Zovi found and exploited a previously unknown vulnerability in a QuickTime library loaded by Safari. [24] The following morning, Dai Zovi sent his exploit code to Macaulay, [56] who placed it on a website and e-mailed the contest organizers a link to it. When clicked, the link gave Macaulay control of the laptop, winning the contest by proxy for Dai Zovi, who gave Macaulay the 15" MacBook Pro. [57] Dai Zovi separately sold the vulnerability to ZDI for the $10,000 prize. [25]

2008

Pwn2Own 2008 took place from Thursday, March 26 to Saturday, March 28, 2008. [13] After the successful 2007 contest, the scope of the contest expanded to include a wider array of operating systems and browsers. The contest would demonstrate the widespread insecurity of all software in widespread use by consumers. [12] Dragos refined the contest with the help of a wide panel of industry experts, and the contest was administered by ZDI, who would again offer to purchase the vulnerabilities after their demonstration. [13] As with all the vulnerabilities that ZDI purchases, the details of the vulnerabilities used in Pwn2Own would be provided to the affected vendors, and public details would be withheld until a patch was made available. [11] All contestants who successfully demonstrated exploits at the contest could sell their vulnerabilities to ZDI for prizes of $20,000 on the first day, $10,000 on the second day, and $5,000 on the third day. [12] As in the previous year's contest, only certain attacks were allowed on each day. Targets included three laptops running the default installation of Windows Vista Ultimate SP1, Mac OS X 10.5.2, or Ubuntu Linux 7.10. [13] Day 1 saw remote attacks only; contestants had to join the same network as the target laptop and perform their attack without user interaction and without authentication. Day 2 added browser and instant messaging attacks, as well as malicious website attacks with links sent to organizers to be clicked. [12] Day 3 added third-party client applications. Contestants could target popular third-party software [12] such as browsers, Adobe Flash, Java, Apple Mail, iChat, Skype, AOL, and Microsoft Silverlight. [13]

The laptop running OS X was exploited on the second day of the contest with an exploit for the Safari browser co-written by Charlie Miller, [27] Jake Honoroff and Mark Daniel of Independent Security Evaluators. Their exploit targeted an open-source subcomponent of the Safari browser. [26] [58] The laptop running Windows Vista SP1 was exploited on the third day of the contest with an exploit for Adobe Flash co-written by Shane Macaulay, Alexander Sotirov, and Derek Callaway. [28] [59] After the contest, Adobe disclosed that they had co-discovered the same vulnerability internally and had been working on a patch at the time of Pwn2Own. [60] The laptop running Ubuntu was not exploited.

2009

Pwn2Own 2009 took place over the three days of CanSecWest from Thursday, March 18 to Saturday, March 20, 2009. After having considerably more success targeting web browsers than any other category of software in 2007, the third Pwn2Own focused on popular browsers used on consumer desktop operating systems. It added another category of mobile devices which contestants were challenged to hack via many remote attack vectors including email, SMS messages, and website browsing. [6] [61] All contestants who demonstrated successful exploits at the contest were offered rewards for the underlying vulnerabilities by ZDI, $5,000 for browser exploits and $10,000 for mobile exploits. [62]

Web browser targets were Internet Explorer 8, Firefox, and Chrome installed on a Sony Vaio running Windows 7 Beta, and Safari and Firefox installed on a MacBook running Mac OS X. All browsers were fully patched and in default configurations on the first day of the contest. As in previous years, the contest's attack surface expanded over the three days. [62] On day 1, contestants had to target functionality in the default browser without access to any plugins. On day 2, Adobe Flash, Java, Microsoft .NET Framework, and QuickTime were included. On day 3, other popular third-party plugins were included, such as Adobe Reader. Multiple winners per target were allowed, but only the first contestant to exploit each laptop would get it. Mobile device targets included BlackBerry, Android, Apple iPhone 2.0 (T-Mobile G1), Symbian (Nokia N95) and Windows Mobile (HTC Touch) phones in their default configurations.

As with the browser contest, the attack surface available to contestants expanded over three days. In order to prove that they were able to successfully compromise the device, contestants had to demonstrate they could collect sensitive data from the mobile device or incur some type of financial loss from the mobile device owner. [62] On day 1, the device could receive SMS, MMS, and e-mail but messages could not be read. Wifi (if on by default), Bluetooth (if on by default), and radio stack were also in-scope. On day 2, SMS, MMS, and e-mail could be opened and read. Wifi was turned on and Bluetooth could be turned on and paired with a nearby headset (additional pairing disallowed). Day 3 allowed one level of user interaction with the default applications. Multiple winners per device were allowed, but only the first contestant to exploit each mobile device would get it (along with a one-year phone contract).

Based on the increased interest in competing in 2009, ZDI arranged a random selection to determine which team went first against each target. [62] The first contestant to be selected was Charlie Miller. He exploited Safari on OS X without the aid of any browser plugins. [29] [27] In interviews after winning the contest, Miller stressed that while it only took him minutes to run his exploit against Safari, it took him many days to research and develop the exploit he used. [63] A researcher identified only as Nils was selected to go after Miller. Nils successfully ran an exploit against Internet Explorer 8 on Windows 7 Beta. In writing this exploit, Nils had to bypass anti-exploitation mitigations that Microsoft had implemented in Internet Explorer 8 and Windows 7, including Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). [30] [64] Nils continued trying the other browsers. Although Miller had already exploited Safari on OS X, Nils exploited this platform again, [31] then moved on to exploit Firefox successfully. [32] Near the end of the first day, Julien Tinnes and Sami Koivu (remote) successfully exploited Firefox and Safari on OS X with a vulnerability in Java. At the time, OS X had Java enabled by default, which allowed for reliable exploitation against that platform. However, because the vulnerabilities had already been reported to the vendor, Tinnes' participation fell outside the rules of the contest and could not be rewarded. [65] The following days of the contest did not attract any additional contestants. Chrome, as well as all of the mobile devices, went unexploited in Pwn2Own 2009. [66]

2010

The competition started on March 24, 2010 and had a total cash prize pool of US$100,000. [67] Nine days before the contest was to begin, Apple released sixteen patches for WebKit and Safari. [68] Concerning software to exploit, $40,000 of the $100,000 was reserved for web browsers, where each target is worth $10,000. [67] Day 1 included Microsoft Internet Explorer 8 on Windows 7, Mozilla Firefox 3.6 on Windows 7, Google Chrome 4 on Windows 7, and Apple Safari 4 on Mac OS X Snow Leopard. Day 2 included Microsoft Internet Explorer 8 on Windows Vista, Mozilla Firefox 3 on Windows Vista, Google Chrome 4 on Windows Vista, and Apple Safari 4 on Mac OS X Snow Leopard. Day 3 included Microsoft Internet Explorer 8 on Windows XP, Mozilla Firefox 3 on Windows XP, Google Chrome 4 on Windows XP, and Apple Safari 4 on Mac OS X Snow Leopard. $60,000 of the total $100,000 cash prize pool was allotted to the mobile phone portion of the contest, each target was worth $15,000. [67] These included Apple iPhone 3GS, RIM BlackBerry Bold 9700, Nokia E72 device running Symbian, and HTC Nexus One running Android.

The Opera web browser was left out of the contests as a target: The ZDI team argued that Opera had a low market share and that Chrome and Safari are only included "due to their default presence on various mobile platforms". However, Opera's rendering engine, Presto, is present on millions of mobile platforms. [69] [70] [71] [72]

Successful exploits included Charlie Miller's hack of Safari 4 on Mac OS X. [33] Nils hacked Firefox 3.6 on Windows 7 64-bit [33] by using a memory corruption vulnerability and bypassing ASLR and DEP, after which Mozilla patched the security flaw in Firefox 3.6.3. [73] Ralf-Philipp Weinmann and Vincenzo Iozzo hacked the iPhone 3GS by bypassing the digital code signatures used on the iPhone to verify that the code in memory is from Apple. [33] Peter Vreugdenhil exploited Internet Explorer 8 on Windows 7 by using two vulnerabilities that involved bypassing ASLR and evading DEP. [33]

2011

The 2011 contest took place March 9 to 11 during the CanSecWest conference in Vancouver. [74] The web browser targets for the 2011 contest included Microsoft Internet Explorer, Apple Safari, Mozilla Firefox, and Google Chrome. New to the Pwn2Own contest was the fact that a new attack surface was allowed for penetrating mobile phones, specifically over cellphone basebands. The mobile phone targets were Dell Venue Pro running Windows Phone 7, iPhone 4 running iOS, BlackBerry Torch 9800 running BlackBerry OS 6.0, and Nexus S running Android 2.3. Several teams registered for the desktop browser contest. For Apple Safari, registered competitors included VUPEN, Anon_07, Team Anon, Charlie Miller. Mozilla Firefox included Sam Thomas and Anonymous_1. Microsoft Internet Explorer teams included Stephen Fewer, VUPEN, Sam Thomas, and Ahmed M Sleet. Google Chrome teams included Moatz Khader, Team Anon, and Ahmed M Sleet. For the mobile browser category, the following teams registered. For the Apple iPhone hack attempt, teams included Anon_07, Dion Blazakis and Charlie Miller, Team Anon, Anonymous_1, and Ahmed M Sleet. To hack the RIM Blackberry the teams were Anonymous_1, Team Anon, and Ahmed M Sleet. To hack the Samsung Nexus S, teams included Jon Oberheide, Anonymous_1, Anon_07, and Team Anonymous. To hack the Dell Venue Pro, teams included George Hotz, Team Anonymous, Anonymous_1, and Ahmed M Sleet.

During the first day of the competition, Safari and Internet Explorer were defeated by researchers. Safari was version 5.0.3 installed on a fully patched Mac OS X 10.6.6. French security firm VUPEN was the first to attack the browser. Internet Explorer was a 32-bit version 8 installed on 64-bit Windows 7 Service Pack 1. Security researcher Stephen Fewer of Harmony Security was successful in exploiting IE. This was demonstrated just as with Safari. [34] On day 2 the iPhone 4 and BlackBerry Torch 9800 were both exploited. The iPhone was running iOS 4.2.1; however, the flaw also exists in version 4.3 of iOS. [35] Security researchers Charlie Miller and Dion Blazakis were able to gain access to the iPhone's address book through a vulnerability in Mobile Safari by visiting their exploit-ridden webpage. [35] The BlackBerry Torch 9800 phone was running BlackBerry OS 6.0.0.246. The team of Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann took advantage of a vulnerability in the BlackBerry's WebKit-based web browser by visiting their previously prepared webpage. [35] Firefox, Android, and Windows Phone 7 were scheduled to be tested during day 2, but the security researchers that had been chosen for these platforms did not attempt any exploits. Sam Thomas had been selected to test Firefox, but he withdrew, stating that his exploit was not stable. The researchers that had been chosen to test Android and Windows Phone 7 did not show up. [35] No teams showed up for day three. Chrome and Firefox were not hacked.

2012

For 2012 the rules were changed to a capture-the-flag-style competition with a point system. [14] The new format caused Charlie Miller, successful at the event in past years, to decide not to attend, as it required "on-the-spot" writing of exploits that Miller argued favored larger teams. [16] Hackers went against the four major browsers. [16]

At Pwn2Own 2012, Chrome was successfully exploited for the first time. VUPEN declined to reveal how they escaped the sandbox, saying they would sell the information. [15] Internet Explorer 9 on Windows 7 was successfully exploited next. [36] Firefox was the third browser to be hacked using a zero day exploit. [37]

Safari on Mac OS X Lion was the only browser left standing at the conclusion of the zero-day portion of Pwn2Own. Versions of Safari that were not fully patched and running on Mac OS X Snow Leopard were compromised during the CVE portion of Pwn2Own. Significant improvements in the security mitigations within Mac OS X were introduced in Lion. [75] [76]

Controversy with Google

Google withdrew from sponsorship of the event because the 2012 rules did not require full disclosure of exploits from winners, specifically exploits to break out of a sandboxed environment and demonstrated exploits that did not "win". [16] Pwn2Own defended the decision, saying that it believed that no hackers would attempt to exploit Chrome if their methods had to be disclosed. [16] Google offered a separate "Pwnium" contest that offered up to $60,000 for Chrome-specific exploits. Non-Chrome vulnerabilities used were guaranteed to be immediately reported to the appropriate vendor. [16] Sergey Glazunov and a teenager identified as "PinkiePie" each earned $60,000 for exploits that bypassed the security sandbox. [77] [78] Google issued a fix to Chrome users in less than 24 hours after the Pwnium exploits were demonstrated. [79]

2013

In 2013, Google returned as a sponsor and the rules were changed to require full disclosure of exploits and techniques used. [17] The Mobile Pwn2Own 2013 contest was held November 13–14, 2013, during the PacSec 2013 Conference in Tokyo. [80] Web browsers Google Chrome, Internet Explorer and Firefox, along with Windows 8 and Java, were exploited. [81] Adobe also joined the contest, adding Reader and Flash. [38] Apple Safari on Mountain Lion was not targeted as no teams showed up.

French security firm VUPEN successfully exploited a fully updated Internet Explorer 10 on a Microsoft Surface Pro running a 64-bit version of Windows 8 and fully bypassed the Protected Mode sandbox without crashing or freezing the browser. [38] The VUPEN team then exploited Mozilla Firefox, Adobe Flash, and Oracle Java. [39] Pinkie Pie won $50,000, and Google released Chrome updates on November 14 to address the vulnerabilities exploited. [40] Nils and Jon from MWR Labs were successful at exploiting Google Chrome using WebKit and Windows kernel flaws to bypass the Chrome sandbox and won $100,000. George Hotz exploited Adobe Acrobat Reader and escaped the sandbox to win $70,000. James Forshaw, Joshua Drake, and Ben Murphy independently exploited Oracle Java to win $20,000 each.

The mobile contest saw contestants winning $117,500 out of a prize pool of $300,000. [80]

2014

Pwn2Own 2014 was held in March [82] [83] in Vancouver at the CanSecWest Conference and sponsored by Hewlett-Packard. [84] All four targeted browsers fell to researchers, [85] and contestants overall won $850,000 of an available pool of $1,085,000. [86] VUPEN successfully exploited fully updated Internet Explorer 11, Adobe Reader XI, Google Chrome, Adobe Flash, and Mozilla Firefox on a 64-bit version of Windows 8.1, to win a total of $400,000, the highest payout to a single competitor to date. The company used a total of 11 distinct zero-day vulnerabilities. [87]

Among other successful exploits in 2014, Internet Explorer 11 was exploited by Sebastian Apelt and Andreas Schmidt for a prize of $100,000. [84] Apple Safari on Mac OS X Mavericks and Adobe Flash on Windows 8.1 were successfully exploited by Liang Chen of Keen Team and Zeguang Zhao of team509. [88] Mozilla Firefox was exploited three times on the first day, and once more on the second day, with HP awarding researchers $50,000 for each disclosed Firefox flaw that year. [89] Both VUPEN and an anonymous participant exploited Google Chrome. VUPEN earned $100,000 for the crack, while the anonymous entrant had their prize of $60,000 reduced, as their attack relied on a vulnerability revealed the day before at Google's Pwnium contest. [85] Also, Nico Joly of the VUPEN team took on the Windows Phone (the Lumia 1520), but was unable to gain full control of the system. [90] In 2014, Keen Lab hacked Adobe Flash on Windows 8.1 in 16 seconds, as well as Safari on OS X Mavericks in 20 seconds. [91]

2015–2017

Every single prize available was claimed in March 2015 in Vancouver, and all browsers were hacked, for a total of $557,500 and other prizes. The top hacker proved to be Jung Hoon Lee, who took out "IE 11, both the stable and beta versions of Google Chrome, and Apple Safari" and earned $225,000 in prize money. Other hacks included Team509 and Keen Team breaking into Adobe Flash, and other breaks in Adobe Reader. Overall, there were 5 bugs in the Windows operating system, 4 in Internet Explorer 11, 3 each in Firefox, Adobe Reader, and Adobe Flash, 2 in Safari, and 1 in Chrome. [92] Google ceased to be a sponsor of Pwn2Own in 2015. [19]

At the contest in March 2016, "each of the winning entries was able to avoid the sandboxing mitigations by leveraging vulnerabilities in the underlying OSs." [93] In 2016, Chrome, Microsoft Edge and Safari were all hacked. [94] According to Brian Gorenc, manager of Vulnerability Research at HPE, they had chosen not to include Firefox that year as they had "wanted to focus on the browsers that [had] made serious security improvements in the last year". [95] After two days of competition, Tencent Security Team Sniper edged out JungHoon Lee by 13 Pwn points, earning them the Master of Pwn title for Pwn2Own 2016. [44] In Mobile Pwn2Own 2016, which was held in tandem with the PacSecWest security conference in Tokyo, Tencent Team Keen won $215k with an attack on the Nexus 6P and two exploits for the iPhone running iOS 10.1, and was named Master of Pwn, a title ZDI gives to the contestant that accumulates the most points throughout the contest. [46]

In March 2017 in Vancouver, hackers escaped VMware's virtual machine sandbox (a guest-to-host escape) for the first time in the contest's history. [96] No attack on Chrome succeeded that year, though only one team attempted it; among the other browsers, Firefox fared best, followed by Safari and then Edge. [97] Mobile Pwn2Own was held on November 1 and 2, 2017, [98] with representatives from Apple, Google and Huawei present. [99] Several smartphones, including ones running Apple's iOS 11.1, were successfully hacked: the "11 successful attacks" were against the iPhone 7, the Huawei Mate 9 Pro and the Samsung Galaxy S8, while the Google Pixel was not hacked. [98] Overall, ZDI awarded $833,000 that year for 51 zero-day bugs. [100] Qihoo 360 won the top prize in 2017. [101]

2018

In 2018, the contest was much smaller and sponsored primarily by Microsoft. China had banned its security researchers from participating, despite Chinese nationals having won in the past, and had banned the disclosure of security vulnerabilities to foreigners. [21] In particular, neither Tencent's Keen Labs nor Qihoo 360's 360Vulcan team entered, nor did any other Chinese nationals. [100] The Tianfu Cup was subsequently established as a "Chinese version of Pwn2Own", also held twice a year. [102] Shortly before the 2018 contest, Microsoft patched several vulnerabilities in Edge, causing many teams to withdraw. Nevertheless, exploits were demonstrated against Edge, Safari, Firefox and other targets. [103] No attempts were made against Chrome, [21] [104] even though the reward offered was the same as for Edge. [105] Hackers were ultimately awarded $267,000. [103] Although large rewards were available for many Microsoft products, Edge was the only Microsoft target successfully exploited; Safari and Firefox also fell. [21]

2019

The March 2019 contest took place in Vancouver at the CanSecWest conference, with categories including VMware ESXi, VMware Workstation, Oracle VirtualBox, Chrome, Microsoft Edge and Firefox, as well as Tesla. [3] Tesla entered its new Model 3 sedan; a pair of researchers earned $375,000 and the car they hacked after finding a severe memory randomization bug in the car's infotainment system. [22] It was also the first year that devices in the home automation category could be targeted. [47]

In October 2019, Politico reported that the next edition of Pwn2Own had added industrial control systems. [23] Pwn2Own Tokyo was held on November 6–7 and was expected to hand out $750,000 in cash and prizes. Facebook Portal was entered, as were the Amazon Echo Show 5, a Google Nest Hub Max, an Amazon Cloud Cam and a Nest Cam IQ Indoor, along with the Oculus Quest virtual reality headset. [22] A team won $60,000 for hacking the Amazon Echo Show 5. They exploited a "patch gap": the smart display shipped an outdated build of Chromium, so vulnerabilities that had already been fixed upstream were still present on the device. [106] [7] The team shared its findings with Amazon, [47] which said it was investigating the hack and would take "appropriate steps." [106]

2020

A new edition of Pwn2Own took place on January 21–23, 2020, in Miami at the S4 conference, with industrial control system (ICS) and SCADA targets only. [107] Contestants were awarded more than $250,000 over the three-day event [108] as hackers demonstrated multiple exploits against leading ICS platforms. Steven Seeley and Chris Anastasio, a duo calling themselves Team Incite, took the Master of Pwn title [109] with $80,000 in winnings and 92.5 Master of Pwn points. Overall, the contest had 14 winning demonstrations, nine partial wins due to bug collisions and two failed entries. [110]

The spring edition of Pwn2Own 2020 took place on March 18–19, 2020. Tesla returned as a sponsor with a Model 3 as an available target. [111] Because of COVID-19, the conference became a virtual event and the Zero Day Initiative allowed remote participation: researchers submitted their exploits to the program before the event, and ZDI staff ran them from their homes while recording the screen and the Zoom call with the contestant. The contest saw six successful demonstrations and awarded $270,000 over the two days, purchasing 13 unique bugs in Adobe Reader, Apple Safari and macOS, Microsoft Windows and Oracle VirtualBox. [112] Amat Cama and Richard Zhu (Team Fluoroacetate) were crowned Master of Pwn with earnings of $90,000. [113]

The fall edition of Pwn2Own, normally referred to as Pwn2Own Tokyo, was held on November 5–7, 2020. With COVID-19 lockdowns continuing, the contest was again held virtually under the name Pwn2Own Tokyo (Live From Toronto): ZDI staff in Toronto ran the event, with other participants connecting from home. This contest also added storage area network (SAN) servers as a target. [114] The event had eight winning entries, nine partial wins due to bug collisions and two failed attempts, [115] and awarded $136,500 in total for 23 unique bugs. The Flashback Team (Pedro Ribeiro and Radek Domanski) earned the Master of Pwn title with two successful exploits of routers from the wide area network (WAN) side. [116]

2021

On April 6–8, 2021, the Pwn2Own contest took place in Austin and virtually. The event expanded with a new Enterprise Communications category covering Microsoft Teams and Zoom Messenger. [117] On the first day, Apple Safari, [118] Microsoft Exchange, Microsoft Teams, Windows 10 [119] and Ubuntu were all compromised. Zoom Messenger fell on the second day to a zero-click exploit, one requiring no interaction from the victim. [120] Parallels Desktop, Google Chrome and Microsoft Edge were also exploited during the contest. Over US$1,200,000 was awarded for 23 unique zero-days. Master of Pwn was a three-way tie between Team DEVCORE, OV, and the team of Daan Keuper and Thijs Alkemade. [121]

2022

Miami (April 19–21)

The second edition of Pwn2Own Miami took place April 19–21, 2022, at the Fillmore Miami Beach in South Beach. Over the three-day contest, $400,000 was awarded for 26 unique zero-days. [122] Daan Keuper and Thijs Alkemade of Computest Sector 7 were awarded Master of Pwn with earnings of $90,000. [123] A highlight of the contest was their demonstration bypassing the trusted application check in the OPC Foundation's OPC UA .NET Standard stack, the check that is meant to restrict which client applications a server will accept. [124]

Vancouver (May 18–20)

Pwn2Own returned to Vancouver on May 18–20, 2022, to mark the contest's 15th anniversary. [125] Over the three-day event, the ZDI awarded US$1,155,000 for 25 unique zero-day vulnerabilities. Day One set a single-day contest record of US$800,000 awarded, including for three separate Microsoft Teams exploits, [126] one of which required no user interaction and could be used to compromise an entire organization. Successful exploits were also demonstrated against the Mozilla Firefox and Apple Safari web browsers. [127] Day Two was highlighted by a remote exploit of the Tesla infotainment system: researchers from Synacktiv were able to remotely start the windshield wipers, open the trunk and flash the headlights of the vehicle. [128] The final day saw three of the six Windows 11 privilege-escalation entries succeed; all six entries were based on unique bugs. Once all the points were totalled, STAR Labs was awarded the title of Master of Pwn with $270,000 and 27 points. [129] [130]

Toronto (December 6–9)

Pwn2Own Toronto was held on December 6–9, 2022, with consumer-device targets: printers, routers attacked from the WAN or LAN side, network attached storage (NAS) devices, smart speakers, the Samsung Galaxy S22, and a "SOHO Smash-up" category in which a router and a second device behind it (a printer or NAS) are compromised in sequence. Samsung's flagship phone, the Galaxy S22, running the latest Android 13, was hacked in less than a minute. [129] [130] The tables below list each attempt by day. "Collision" denotes a partial win whose bug overlapped with one already known or already demonstrated, earning reduced cash and Master of Pwn points; a withdrawn entry costs points.

Day 1 attempts [131]

| Team | Category | Target(s) | Result | Award (cash, Master of Pwn points) | Ref. |
|---|---|---|---|---|---|
| Nettitude | Printer | Canon imageCLASS MF743Cdw | Success | $20K, 2 pts | |
| Qrious Secure | Router (WAN) | TP-Link AX1800 | Success | $20K, 2 pts | [132] |
| Horizon3 AI | Printer | Lexmark MC3224i | Success | $20K, 2 pts | |
| Gaurav Baruah | Router (WAN) | Synology RT6600ax | Success | $20K, 2 pts | |
| Interrupt Labs | Printer | HP Color LaserJet Pro M479fdw | Success | $20K, 2 pts | |
| STAR Labs | Mobile Phone | Samsung Galaxy S22 | Success | $50K, 5 pts | |
| Quarkslab | Router (LAN) | NETGEAR RAX30 AX2400 | Withdrawn | -0.5 pts | |
| Computest | Router (LAN) | Synology RT6600ax | Success | $5K, 1 pt | |
| PHPHooligans | SOHO Smash-up | NETGEAR RAX30 AX2400 + Lexmark MC3224i | Failure | | |
| Chim | Mobile Phone | Samsung Galaxy S22 | Success | $25K, 5 pts | |
| Interrupt Labs | Router (LAN) | NETGEAR RAX30 AX2400 | Success | $5K, 1 pt | |
| Tenable | Router (LAN) | TP-Link AX1800 | Failure | | |
| DEVCORE | SOHO Smash-up | Mikrotik RouterBoard RB2011UiAS-IN + Canon imageCLASS MF743Cdw | Success | $100K, 10 pts | |
| Claroty Research | NAS | Synology DiskStation DS920+ | Success | $40K, 4 pts | |
| NCC Group EDG | Router (LAN) | TP-Link AX1800 | Withdrawn | -0.5 pts | [133] |
| Team Viettel | Printer | HP Color LaserJet Pro M479fdw | Success | $10K, 2 pts | |
| ASU SEFCOM | NAS | Synology DiskStation DS920+ | Collision | $10K, 2 pts | |
| Claroty Research | Router (LAN) | NETGEAR RAX30 AX2400 | Success | $2.5K, 1 pt | [134] |
| NCC Group EDG | Router (LAN) | Synology RT6600ax | Collision | $1,250, 0.5 pts | [133] |
| Neodyme | SOHO Smash-up | NETGEAR RAX30 AX2400 + HP Color LaserJet Pro M479fdw | Success | $50K, 10 pts | |
| Qrious Secure | Router (LAN) | NETGEAR RAX30 AX2400 | Collision | $1,250, 0.5 pts | |

Day 2 attempts [135]

| Team | Category | Target(s) | Result | Award (cash, Master of Pwn points) | Ref. |
|---|---|---|---|---|---|
| ANHTUD Information Security Department | Printer | HP Color LaserJet Pro M479fdw | Success | $10K, 2 pts | |
| PHPHooligans | Router (WAN) | NETGEAR RAX30 AX2400 | Collision | $10K, 1 pt | |
| Bugscale | SOHO Smash-up | Synology RT6600ax + HP Color LaserJet Pro M479fdw | Success and Collision | $37.5K, 7.5 pts | |
| Qrious Secure | Smart Speaker | Sonos One Speaker | Success | $60K, 6 pts | [136] |
| Team Viettel | Router (LAN) | TP-Link AX1800 | Success | $5K, 1 pt | [132] |
| Le Tran Hai Tung | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 2 pts | |
| Synacktiv | Printer | Lexmark MC3224i | Success | $10K, 2 pts | |
| STAR Labs | Smart Speaker | Sonos One Speaker | Success and Collision | $22.5K, 4.5 pts | [136] |
| Summoning Team | Router (LAN) | Synology RT6600ax | Collision | $1,250, 0.5 pts | |
| NCC Group EDG | Router (LAN) | NETGEAR RAX30 AX2400 | Success and Collision | $7.5K, 1.5 pts | [133] |
| Team Viettel | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 2 pts | |
| NCC Group EDG | Printer | Lexmark MC3224i | Success | $10K, 2 pts | |
| Qrious Secure | SOHO Smash-up | NETGEAR RAX30 AX2400 + WD My Cloud Pro Series PR4100 | Failure | | |
| DEVCORE | Printer | HP Color LaserJet Pro M479fdw | Collision | $5K, 1 pt | |
| Ledger Donjon | Router (WAN) | TP-Link AX1800 | Withdrawn | -1 pt | [137] |
| DEVCORE | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 2 pts | |
| Luca MORO | NAS | WD My Cloud Pro Series PR4100 | Success | $40K, 4 pts | [138] |
| Interrupt Labs | Mobile Phone | Samsung Galaxy S22 | Success | $25K, 5 pts | |
| Bugscale | Router (WAN) | NETGEAR RAX30 AX2400 | Failure | | |
| Aleksei Stafeev | Printer | Lexmark MC3224i | Success and Collision | $7.5K, 1.5 pts | |

Day 3 attempts [139]

| Team | Category | Target(s) | Result | Award (cash, Master of Pwn points) | Ref. |
|---|---|---|---|---|---|
| Team Viettel | NAS | WD My Cloud Pro Series PR4100 | Success | $20K, 4 pts | |
| STAR Labs | SOHO Smash-up | Synology RT6600ax + Canon imageCLASS MF743Cdw | Collision | $25K, 5 pts | |
| Bun Bo Ong Chi | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 2 pts | |
| DEVCORE | Smart Speaker | Sonos One Speaker | Success and Collision | $22.5K, 4.5 pts | [136] |
| Qrious Secure | Mobile Phone | Samsung Galaxy S22 | Failure | | |
| Team Viettel | SOHO Smash-up | Cisco Integrated Service Router C921-4P + Canon imageCLASS MF743Cdw | Success and Collision | $37.5K, 7.5 pts | |
| Pentest Limited | NAS | WD My Cloud Pro Series PR4100 | Success | $20K, 4 pts | |
| Peter Geissler | Printer | Canon imageCLASS MF743Cdw | Collision | $5K, 1 pt | |
| Qrious Secure | Router (WAN) | NETGEAR RAX30 AX2400 | Success and Collision | $8.5K, 1.75 pts | |
| Neodyme | Router (WAN) | NETGEAR RAX30 AX2400 | Failure | | |
| Pentest Limited | Mobile Phone | Samsung Galaxy S22 | Success | $25K, 5 pts | |
| R-SEC | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 2 pts | |
| NCC Group EDG | SOHO Smash-up | Ubiquiti Networks EdgeRouter X SFP + Lexmark MC3224i | Success | $50K, 10 pts | [133] |
| Claroty Research | NAS | WD My Cloud Pro Series PR4100 | Success | $20K, 4 pts | |

Day 4 attempts [140]

| Team | Category | Target(s) | Result | Award (cash, Master of Pwn points) | Ref. |
|---|---|---|---|---|---|
| Quarkslab | Router (WAN) | NETGEAR RAX30 AX2400 | Failure | | [141] |
| Peter Geissler | Printer | Lexmark MC3224i | Failure | | [142] |
| NCC Group EDG | Printer | Canon imageCLASS MF743Cdw | Collision | $5K, 1 pt | |
| Nettitude | Router (WAN) | NETGEAR RAX30 AX2400 | Failure | | |
| Synacktiv | Printer | Canon imageCLASS MF743Cdw | Collision | $5K, 1 pt | [143] |
| Chris Anastasio | Printer | Lexmark MC3224i | Success | $10K, 1 pt | |
| NCC Group EDG | Router (WAN) | Synology RT6600ax | Collision | $5K, 1 pt | [133] |
| ANHTUD Information Security Department | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 1 pt | |
| DEVCORE | Printer | Lexmark MC3224i | Collision | $5K, 1 pt | |
| Sonar | Router (WAN) | Synology RT6600ax | Collision | $5K, 1 pt | [144] |
| namnp | Printer | Canon imageCLASS MF743Cdw | Success | $10K, 1 pt | |


References

  1. Ruiu, Dragos (March 20, 2007). "PWN to OWN (was Re: How Apple orchestrated web attack on researchers)". Archived from the original on May 27, 2012. Retrieved April 1, 2012.
  2. Goodin, Dan (20 April 2007). "Safari zero-day exploit nets $10,000 prize". Vancouver: The Register. Retrieved 10 April 2010.
  3. Goodin, Dan (January 14, 2019). "Pwn2Own contest will pay $900,000 for hacks that exploit this Tesla". Ars Technica. Retrieved August 16, 2019.
  4. Childs, Dustin (19 March 2024). "PWN2OWN VANCOUVER 2024 - THE FULL SCHEDULE". zerodayinitiative.com.
  5. Forslof, Terri (May 3, 2007). "Apple issues patch for QuickTime flaw". Archived from the original on January 25, 2012. Retrieved April 1, 2012.
  6. Forslof, Terri (25 Feb 2009). "Pwn2Own 2009". Digital Vaccine Laboratories. TippingPoint. Archived from the original on 29 March 2010. Retrieved 11 April 2010.
  7. Whittaker, Zack (November 9, 2019). "Two security researchers earned $60,000 for hacking an Amazon Echo". TechCrunch. Retrieved November 14, 2019.
  8. Naraine, Ryan (March 26, 2007). "How long can a Mac survive the hacker jungle?". ZDNet. Archived from the original on January 25, 2013. Retrieved April 1, 2012.
  9. Naraine, Ryan (February 1, 2007). "Mac Developer mulling OS X equivalent of ZERT". ZDNet. Archived from the original on May 20, 2010. Retrieved April 1, 2012.
  10. Orchant, Marc (February 6, 2007). "Cancel or Allow? Good poke at Vista UAC". ZDNet. Retrieved April 1, 2012.
  11. "About the Zero Day Initiative". Zero Day Initiative. Archived from the original on March 18, 2012. Retrieved April 1, 2012.
  12. Forslof, Terri (March 19, 2008). "CanSecWest PWN to OWN 2008 (updated)". Archived from the original on March 14, 2012. Retrieved April 1, 2012.
  13. Ruiu, Dragos (March 20, 2008). "CanSecWest 2008 PWN2OWN - Mar 26-28". Retrieved April 1, 2012.
  14. "Zero Day Initiative". Archived from the original on 2012-03-01.
  15. Naraine, Ryan (March 7, 2012). "Pwn2Own 2012: Google Chrome browser sandbox first to fall". ZDNet. [dead link]
  16. Naraine, Ryan (March 7, 2012). "Charlie Miller skipping Pwn2Own as new rules change hacking game". ZDNet. Archived from the original on March 10, 2012.
  17. "Show off Your Security Skills: Pwn2Own and Pwnium 3". The Chromium Blog. January 28, 2013.
  18. "Chrome, Firefox and IE Fall at Pwn2Own 2013". eSecurityPlanet. 2013-03-07. Retrieved 2022-05-06.
  19. Keizer, Gregg (September 14, 2016). "Google offers $200K for top prize in new Android hack challenge". Computerworld. Retrieved November 28, 2019.
  20. "Pwn2Own 2015: The year every web browser went down". ZDNet. Retrieved 2015-11-25.
  21. Armasu, Lucian (16 March 2018). "Pwn2Own 2018: Focus Changes To Kernel Exploits As Browsers Get Harder To Hack". Tom's Hardware. Purch Group. Retrieved 27 September 2018.
  22. Whittaker, Zack (August 28, 2019). "Hackers to stress-test Facebook Portal at hacking contest". TechCrunch. Retrieved August 16, 2019.
  23. Starks, Tim (October 29, 2019). "The future and past of Energy and Commerce". Politico. Retrieved November 28, 2019.
  24. "Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability". Retrieved 31 March 2012.
  25. Vaas, Lisa (April 20, 2007). "Mac Hacked Via Safari Browser in Pwn-2-Own Contest". eWeek. Archived from the original on January 22, 2013. Retrieved March 10, 2011.
  26. "Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability". April 16, 2008. Archived from the original on November 20, 2012. Retrieved April 1, 2012.
  27. Schofield, Jack (18 March 2009). "Pwn2Own 2009: Mac falls in seconds". The Guardian. Retrieved 2021-01-07.
  28. "Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability". April 8, 2008. Retrieved April 1, 2012.
  29. "Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability". May 13, 2009. Retrieved April 1, 2012.
  30. Forslof, Terri (March 18, 2009). "Pwn2Own 2009 Day 1 - Safari, Internet Explorer, and Firefox Taken Down by Four Zero-Day Exploits". Archived from the original on March 22, 2009. Retrieved April 1, 2009.
  31. "Apple Safari Malformed SVGList Parsing Code Execution Vulnerability". May 13, 2009. Retrieved April 1, 2012.
  32. "Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability". March 30, 2009. Retrieved April 1, 2012.
  33. Mills, Elinor (March 24, 2010). "iPhone, Safari, IE 8, Firefox hacked in CanSecWest contest". CNET. Archived from the original on January 19, 2013. Retrieved 10 April 2010.
  34. "pwn2own day one: Safari, IE8 fall, Chrome unchallenged". Ars Technica. 10 March 2011.
  35. "Pwn2Own day 2: iPhone, BlackBerry beaten; Chrome, Firefox no-shows". Ars Technica. 11 March 2011.
  36. Goodin, Dan (March 8, 2012). "IE 9, on most secure Windows yet, next browser to fall at hacker contest". Ars Technica.
  37. "Researchers hack into newest Firefox with zero-day flaw". ZDNet. March 9, 2012.
  38. Thomson, Iain. "Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k". The Register.
  39. "Pwn2Own 2013". Hewlett Packard Enterprise. 2 March 2013. Archived from the original on 10 March 2013. Retrieved 10 March 2013.
  40. "Chrome for Android Update". Google Chrome. November 14, 2013. Retrieved November 17, 2019.
  41. "Set Fire to the Phone".
  42. "Black Hat USA 2016". www.blackhat.com. Retrieved 2024-06-14.
  43. Protalinski, Emil (2016-03-18). "Pwn2Own 2016: Chrome, Edge, and Safari hacked, $460,000 awarded in total". VentureBeat. Retrieved 2024-06-14.
  44. "Pwn2Own Day Two: Safari, Edge Go Down And Winner Crowned". Threatpost. 2016-03-18. Retrieved 2024-06-14.
  45. "Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own". Threatpost. 2016-10-27. Retrieved 2024-06-14.
  46. "Chinese Hackers won $215,000 for Hacking iPhone and Google Nexus at Mobile Pwn2Own". The Hacker News. Retrieved 2024-06-14.
  47. Moore, Mike (August 12, 2019). "Amazon Echo vulnerable to old security flaws". Engadget. Retrieved November 14, 2019.
  48. "Pwn2Own Tokyo 2019 – Day One Results". Zero Day Initiative. Retrieved 2020-01-13.
  49. "Pwn2Own Tokyo 2019 – Day Two Final Results". Zero Day Initiative. Retrieved 2020-01-13.
  50. "Welcome to Pwn2Own 2020 - The Schedule and Live Results". Zero Day Initiative. Retrieved 2022-12-10.
  51. "Pwn2Own 2020 – Day One Results". Zero Day Initiative. Retrieved 2022-12-10.
  52. "Pwn2Own Day Two – Results and Master of Pwn". Zero Day Initiative. Retrieved 2022-12-10.
  53. "Pwn2Own Tokyo (Live from Toronto) - Schedule and Live Results". Zero Day Initiative. Retrieved 2022-12-10.
  54. "Pwn2Own 2021 - Schedule and Live Results". Zero Day Initiative. Retrieved 2022-12-11.
  55. Zuckerbraun, Simon (6 January 2022). "The Top 5 Bugs Submitted in 2021". Zero Day Initiative. Retrieved 14 May 2024.
  56. Naraine, Ryan (April 23, 2007). "10 questions for MacBook hacker Dino Dai Zovi". ZDNet. Archived from the original on June 4, 2010. Retrieved 16 November 2010.
  57. "MacBook gets hacked in security conference contest". IT Pro. 23 April 2007. Retrieved 2021-01-07.
  58. "PWN to OWN Day Two: First Winner Emerges! (updated)". March 27, 2008. Archived from the original on April 12, 2012. Retrieved April 1, 2012.
  59. "PWN to OWN: Final Day (and another winner!)". March 28, 2008. Archived from the original on April 12, 2012. Retrieved April 1, 2012.
  60. Kebbel-Wyen, John (April 4, 2008). "Adobe Product Security Incident Response Team (PSIRT) Blog / CanSecWest 2008 Pwn2Own Contest". Archived from the original on April 17, 2012. Retrieved April 1, 2012.
  61. Ruiu, Dragos (February 15, 2009). "CanSecWest 2009 Speakers and Dojo courses (Mar 14-20)". Retrieved April 1, 2012.
  62. Ruiu, Dragos (March 18, 2009). "PWN2OWN Final Rules". Archived from the original on April 4, 2012. Retrieved April 1, 2012.
  63. Foresman, Chris (March 27, 2009). "Pwn2Own winner says Macs are more safe, though less secure". Ars Technica. Retrieved 11 April 2010.
  64. "Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability". June 10, 2009. Retrieved April 1, 2012.
  65. Tinnes, Julien. "Write once, own everyone, Java deserialization issues". Retrieved 8 September 2013.
  66. Forslof, Terri (March 21, 2009). "Pwn2Own Wrap Up". Archived from the original on February 11, 2012. Retrieved April 1, 2012.
  67. Portnoy, Aaron (15 Feb 2010). "Pwn2Own 2010". TippingPoint. Archived from the original on 13 April 2010. Retrieved 10 April 2010.
  68. "About the security content of Safari 4.0.5". Apple Inc. 15 March 2010. Retrieved 4 May 2010.
  69. "Opera Mini reaches important milestone — Crosses 50 million active users". Opera Software ASA. February 12, 2010. Archived from the original on 23 December 2011. Retrieved 23 July 2011.
  70. "One browser. 3000 phones". Opera Software ASA. July 8, 2010. Archived from the original on 8 July 2011. Retrieved 23 July 2011.
  71. "One hundred million". Opera Software ASA. February 10, 2011. Archived from the original on 6 August 2011. Retrieved 23 July 2011.
  72. "Opera reaches (another) 100 million users". Opera Software ASA. April 7, 2011. Archived from the original on 13 July 2011. Retrieved 23 July 2011.
  73. "Mozilla Foundation Security Advisory 2010-25 - Re-use of freed object due to scope confusion". Mozilla. April 1, 2010. Retrieved 10 April 2010.
  74. "Announcing Pwn2Own 2011". TippingPoint Digital Vaccine Laboratories Blog. February 2, 2011. Archived from the original on February 10, 2011.
  75. "PWN2OWN 2012 rules". Archived March 1, 2012, at the Wayback Machine.
  76. "PWN2OWN 2012 status". Archived June 26, 2012, at the Wayback Machine.
  77. Naraine, Ryan (March 7, 2012). "CanSecWest Pwnium: Google Chrome hacked with sandbox bypass". ZDNet. Archived from the original on March 8, 2012.
  78. "At hacking contest, Google Chrome falls to third zero-day attack (Updated)". Ars Technica. 10 March 2012.
  79. "After the pwnage: Critical Google Chrome hole plugged in 24 hours". Ars Technica. 8 March 2012.
  80. Constantin, Lucian (14 November 2013). "Researchers hack Internet Explorer 11 and Chrome at Mobile Pwn2Own". PCWorld. Retrieved November 18, 2019.
  81. "Chrome; Firefox; IE 10; Java; Win 8 fall at #pwn2own hackfest". SC Magazine. Archived from the original on 2013-03-10. Retrieved 2013-03-07.
  82. "Pwn2Own results for Wednesday (Day One)". Archived from the original on 2014-03-16. Retrieved 2014-03-15.
  83. "Pwn2Own results for Thursday (Day Two)". Archived from the original on 2014-03-17. Retrieved 2014-03-15.
  84. 1 2 Westervelt, Robert (June 10, 2014), Microsoft Fixes 57 Internet Explorer Flaws, Addresses Hacker Contest Bugs, CRN , retrieved November 19, 2019
  85. 1 2 Keizer, Gregg (March 17, 2014), Google patches $310K worth of Chrome, Chrome OS bugs, Computerworld , retrieved November 18, 2019
  86. Tung, Liam (March 14, 2014), Pwn2Own: 14 browser and plugin exploits the NSA won't be buying, Zdnet , retrieved November 18, 2019
  87. "At this year's #Pwn2Own we used a total of 11 zero-days & we reported *full* exploits (including sandbox escapes) to HP+Vendors to fix them!". Archived from the original on 2015-04-02. Retrieved 2014-03-15.
  88. "Listy Things". Archived from the original on 2016-03-20.
  89. Kerner, Sean Michael (March 14, 2014), Pwn2Own 2014 Claims IE, Chrome, Safari and More Firefox Zero-Days, eWeek , retrieved November 18, 2019
  90. "Windows Phone security sandbox survives Pwn2Own unscathed". Ars Technica. November 13, 2014.
  91. Deng, Iris (3 April 2019), Tencent-backed hackers who drew praise from Elon Musk once revealed flaws in Apple's iOS, South China Morning Post , retrieved November 29, 2019
  92. "Every browser goes down". Zdnet. March 23, 2015.
  93. Pauli, Darren (August 4, 2016), Hackers detail the blood and guts of the 2016 Pwn2Own exploit expo , retrieved November 29, 2019
  94. "Chrome, Edge, and Safari all hacked". VentureBeat. March 18, 2016.
  95. "Pwn2Own 2016: Windows Most Hacked, Edge Holds Its Own, Firefox Missing In Action". eWeek. 11 February 2016.
  96. Russon, Mary-Ann (March 21, 2017), VMWare virtual machine finally hacked at Pwn2Own 2017 security conference , retrieved November 28, 2019
  97. "Pwn2Own2017: Chrome the winner". SecurityZap. 4 April 2017.[ dead link ]
  98. 1 2 Heller, Michael (November 3, 2017), Researchers hack iOS 11 at Mobile Pwn2Own 2017 , retrieved November 28, 2019
  99. Brewster, Thomas (November 1, 2017), "Apple Warned About Evil Wi-Fi Attack That Installs Malware On iPhones", Forbes
  100. 1 2 Blue, Violet (March 16, 2018), When China hoards its hackers everyone loses, Engadget
  101. Stangel, Luke (January 22, 2018), Google just cut a check for its biggest bug bounty in history, Silicon Valley Business Journal , retrieved November 29, 2019
  102. Abacus (November 19, 2019), Chinese hackers break into Chrome, Microsoft Edge and Safari in competition, South China Morning Post , retrieved November 27, 2019
  103. 1 2 "Hackers Awarded $267,000 at Pwn2Own 2018". Security Week. 16 March 2018.
  104. Kerner, Sean Michael (15 March 2018). "Pwn2Own 2018 Hackers Earn $162K for Safari, Edge, VirtualBox Exploit". eWEEK. QuinStreet Enterprise. Retrieved 27 September 2018.
  105. "Pwn2Own 2018 Rules". Zero Day Initiative. Archived from the original on 18 June 2018. Retrieved 27 September 2018.
  106. 1 2 Fingas, Jon (November 10, 2019), Amazon Echo Show falls victim to an old flaw at hacking contest, TechRader, retrieved November 14, 2019
  107. Gorenc, Brian (October 28, 2019). "Pwn2Own Miami – Bringing ICS into the Pwn2Own World". TheZDI.com. Retrieved April 16, 2021.
  108. "Pwn2Own Miami: Hackers scoop $250,000 in prizes during inaugural ICS security contest". www.portswigger.net. 24 January 2020. Retrieved 2021-04-16.
  109. "Inside the World's Highest-Stakes Industrial Hacking Contest". Wired. Retrieved 2021-04-16.
  110. Childs, Dustin (January 21, 2020). "PWN2OWN Miami 2020 - Schedule and Live Results". TheZDI.com. Retrieved April 16, 2021.
  111. "Hack a Tesla, get a Model 3 and nearly $1 million". www.cnet.com. Retrieved 2021-04-20.
  112. "Windows, Ubuntu, macOS, VirtualBox fall at Pwn2Own hacking contest". ZDNet . Retrieved 2021-04-20.
  113. "Defying Covid-19's Pall: Pwn2Own Goes Virtual". threatpost.com. 20 March 2020. Retrieved 2021-04-20.
  114. "Routers, NAS Devices, TVs Hacked at Pwn2Own Tokyo 2020". securityweek.com. 9 November 2020. Retrieved 2021-04-20.
  115. Childs, Dustin (November 5, 2020). "Pwn2Own Tokyo (Live From Toronto) - Schedule and Live Results". thezdi.com. Retrieved April 20, 2021.
  116. "Pwn2Own Tokyo Day 3: Team Flashback crowned Master of Pwn". securityaffaris.co. 8 November 2020. Retrieved 2021-04-20.
  117. Gorenc, Brian (January 26, 2021). "Announcing Pwn2Own Vancouver 2021". zerodayinitiative.com. Retrieved May 28, 2021.
  118. Mike Peterson (Apr 8, 2021). "Security researcher earns $100K prize for Safari exploit at Pwn2Own 2021". appleinsider.com.
  119. Joel Khalili (April 9, 2021). "Windows 10 falls victim to hackers, but not how you might think". techradar.com.
  120. Thomas Brewster (Apr 8, 2021). "Microsoft Teams And Zoom Hacked In $1 Million Competition". forbes.com.
  121. Adam Bannister (9 April 2021). "Pwn2Own 2021: Zero-click Zoom exploit among winners as payout record smashed". portswigger.net.
  122. John Leyden (Apr 22, 2022). "Pwn2Own Miami: Hackers earn $400,000 by cracking ICS platforms". portswigger.net.
  123. Lucas Ropek (Apr 22, 2022). "It's Pretty Easy to Hack the Program That Runs Our Power Grids, It Turns Out". gizmodo.com.
  124. Patrick Howell O'Neill (Apr 21, 2022). "These hackers showed just how easy it is to target critical infrastructure". technologyreview.com.
  125. Andrada Fiscutean (May 18, 2022). "How Pwn2Own Made Bug Hunting a Real Sport". darkreading.com.
  126. Davey Winder (May 19, 2022). "Microsoft Windows 11 Hacked Six Times in Three Days". forbes.com.
  127. Pierluigi Paganini (May 19, 2022). "Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000". securityaffairs.co.
  128. Sergiu Gatlan (May 20, 2022). "Windows 11 hacked again at Pwn2Own, Telsa Model 3 also falls". bleepingcomputer.com.
  129. Jessica Haworth (May 23, 2022). "Pwn2Own Vancouver: 15th annual hacking event pays out $1.2m for high-impact security bugs". portswigger.net.
  130. "Samsung Galaxy S22 hacked in 55 seconds on Pwn2Own Day 3". BleepingComputer. Retrieved 2022-12-10.
  131. "Zero Day Initiative — Pwn2Own Toronto 2022 - Day One Results". Zero Day Initiative. Retrieved 2023-06-12.
  132. 1 2 "TP-Link WAN-side Vulnerability CVE-2023-1389 Added to the Mirai Botnet Arsenal". 2023-04-24. Retrieved 2023-06-12.
  133. 1 2 3 4 5 "Your not so "Home Office" - SOHO Hacking at Pwn2Own" (PDF). 2023-04-23. Retrieved 2023-06-12.
  134. "Pwn2Own Toronto 22: Exploit Netgear Nighthawk RAX30 Routers". Claroty. Retrieved 2023-06-12.
  135. "Zero Day Initiative — Pwn2Own Toronto 2022 - Day Two Results". Zero Day Initiative. Retrieved 2023-06-12.
  136. 1 2 3 "Zero Day Initiative — Exploiting the Sonos One Speaker Three Different Ways: A Pwn2Own Toronto Highlight". Zero Day Initiative. Retrieved 2023-06-12.
  137. "Prepping for Pwn2Own 2022". Ledger Labs. 30 January 2023. Retrieved 2023-06-12.
  138. "Zero Day Initiative — CVE-2022-29844: A Classic Buffer Overflow on the Western Digital My Cloud Pro Series PR4100". Zero Day Initiative. Retrieved 2023-06-12.
  139. "Zero Day Initiative — Pwn2Own Toronto 2022 - Day Three Results". Zero Day Initiative. Retrieved 2023-06-12.
  140. "Zero Day Initiative — Pwn2Own Toronto 2022 - Day Four Results and Master of Pwn". Zero Day Initiative. Retrieved 2023-06-12.
  141. "Our Pwn2Own journey against time and randomness (part 1)". blog.quarkslab.com. Retrieved 2023-06-12.
  142. blasty (2023-06-11), lexmark printer haxx , retrieved 2023-06-12
  143. "The printer goes brrrrr, again!". Synacktiv (in French). Retrieved 2023-06-12.
  144. "Patches, Collisions, and Root Shells: A Pwn2Own Adventure". www.sonarsource.com. 2023-08-14. Retrieved 2023-09-17.