Pwn2Own 2021, more than $1,500,000 in cash and prizes for contestants. Trend Micro’s Zero Day Initiative announced the Pwn2Own Vancouver 2021 hacking competition that will also cover Zoom, MS Teams Exploits. January 27, 2021. https://securityaffairs.co/wordpress/113923/hacking/pwn2own-2021-announcement.html Zero Day Initiative – Announcing Pwn2Own Vancouver 2021
Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own https://www.bleepingcomputer.com/ne...dows-10-exchange-and-teams-hacked-at-pwn2own/
You see what I mean, it's just as easy to hack macOS as it is to hack Windows. Today they will try to hack Chrome and Edge, I have no doubt they will be able to do so. That's why I always run Sandboxie on top.
Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall https://www.bleepingcomputer.com/ne...d-again-at-pwn2own-chrome-and-zoom-also-fall/
No, correct, I'm sure they will be able to hack Sandboxie. Also, if Windows kernel exploits are being used, then Sandboxie will most likely also fail to protect the system. But I'm talking about a scenario where hackers are using "user mode" exploits found in, for example, Chrome, Firefox or Edge to bypass the browser sandbox. Sandboxie will most likely still protect the system if it's not being targeted directly.
These are all "vanilla" installations of the products being hacked. It's ultimately up to the end user to harden them against continual threats.
Well, perhaps I'm misunderstanding you, but I'm afraid there isn't anything you can do to stop browsers like Chrome, Edge and Firefox from being hacked, there is no way to harden them via any extra settings. The built-in sandbox should normally protect you, but as you can see in this contest, they are not bulletproof. But you can protect the system with third party tools like HitmanPro.Alert and Sandboxie for example. Most of the time, hackers won't bother to try to bypass these types of specialized tools but they might try to bypass AVs.
I'm talking about utilizing 3rd-party measures, as you mention. I would really like to see either my Windows 10 Chrome browser setup or Linux Chromium browser setup go up against these threats launched in a real world situation. EDIT: a browser script blocker too.
Researchers earn $1,2 million for exploits demoed at Pwn2Own 2021 https://www.bleepingcomputer.com/ne...-million-for-exploits-demoed-at-pwn2own-2021/
Yes it's not real world, because they would still need to bypass third party security tools. BTW, from what I understood, they used "user mode" exploits in order to bypass Chrome and Edge, so I assume they managed to bypass the sandbox without using any bug in the Windows kernel. In such a scenario, Sandboxie would most likely protect the system, as I mentioned earlier. It would simply virtualize the malware.
I'd be particularly interested in this contest if they could try hacking these products with typical 3rd-party security in place.
Yes, this would make it even more interesting. For example, could they successfully pull off an attack with ransomware? This means they would have to bypass AV, which is not impossible especially if it's an in-memory attack. But I don't think it's that easy to bypass tools like OSArmor, HMPA and Sandboxie. On the other hand, if they would use Windows kernel exploits, all bets are off.
Exactly. Actually, I'd really like to see these guys take a shot at my Chromium/Chrome/Firefox AppArmor-enforced browsers running on Linux. EDIT: Scroll about halfway down where they launch the calculator, and you will see the exploit.html file launched from userspace. This once again demonstrates the importance of security enforcement in non-protected directories. https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html
That's the thing, you will always need to execute malware and perhaps also certain LOLBins, so a tool like OSArmor would make things difficult. Same goes for a tool like HMPA which will block certain exploitation methods and Sandboxie will virtualize the file system and limit rights. So they would need to attack all of these tools individually or use some Windows kernel bug.
Details Disclosed for Zoom Exploit That Earned Researchers $200,000 August 24, 2021 https://www.securityweek.com/details-disclosed-zoom-exploit-earned-researchers-200000