Pwn2Own Vancouver 2024: Bringing Cloud-Native/Container Security to Pwn2Own

JRViejo · Feb 19, 2024

Even though we’re a week out from our first ever Pwn2Own Automotive, it’s time to start thinking ahead to the original Pwn2Own event, which takes place at CanSecWest in Vancouver on March 20-22, 2024. We’re always excited to return to Vancouver for the event, but we are cognizant of the evolution of the event as well. The contest began with a single Mac Book, but over the years, it grew to include web browsers, enterprise applications, virtualization solutions, and an automotive category. Last year, we awarded over $1,000,000 in cash and prizes – including a Tesla Model 3. This year, we evolved again by simplifying the Automotive category and adding a Cloud-Native/Container category.

We introduced the Virtualization category back in 2016 because we wanted to see what the state-of-the-art in exploits targeting hypervisors looked like. Many cloud services rely on virtualization, and that was the beginning of bringing “The Cloud™” into Pwn2Own. Since that time, the industry has adopted other cloud-native technologies and made containers a central part of enterprise deployments. Of course, that just makes them a great choice to include in Pwn2Own, and we’re excited to see what exploits contestants bring for these targets.
Click to expand...

Pwn2Own Vancouver 2024: Bringing Cloud-Native/Container Security to Pwn2Own by Dustin Childs

JRViejo · Mar 21, 2024

And we’re done with Day One of Pwn2Own Vancouver 2024. We awarded $732,500 USD for 19 unique 0-days. See below for the details of each event. Here are the Master of Pwn standings after the first day:
Click to expand...

Pwn2Own Vancouver 2024 - Day One Results March 20, 2024 by Dustin Childs

JRViejo · Mar 22, 2024

And that’s a wrap! Pwn2Own Vancouver 2024 has come to a close. In total, we awarded $1,132,500 for 29 unique 0-days. We’re also happy to award Manfred Paul with the title of Master of Pwn. He won $202,500 and 25 points total. Combining the last three events (Toronto, Automotive, and Vancouver), we’ve awarded $3,494,750 for this year’s Pwn2Own events. Here’s how the Top 10 of this event added up:
Click to expand...

Pwn2Own Vancouver 2024 - Day Two Results by Dustin Childs

Rasheed187 · May 5, 2024

Well, apparantly Firefox was the only one which was hacked via sandbox escape, without needing a Windows privilege exploit, so much for Firefox being more secure than Chromium. They did at least fix it within 24 hours though.

https://blog.mozilla.org/security/2024/04/04/rapidly-leveling-up-firefox-security/

Log in or Sign up

Pwn2Own Vancouver 2024: Bringing Cloud-Native/Container Security to Pwn2Own

JRViejo Super Moderator

JRViejo Super Moderator

JRViejo Super Moderator

Rasheed187 Registered Member

Log in or Sign up

Pwn2Own Vancouver 2024: Bringing Cloud-Native/Container Security to Pwn2Own

JRViejo Super Moderator

JRViejo Super Moderator

JRViejo Super Moderator

Rasheed187 Registered Member

Useful Searches