Pwn2Own 2019

Discussion in 'other security issues & news' started by JRViejo, Mar 12, 2019.

  1. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,027
    Location:
    Texas
    Apple, Oracle, VMware Software Hacked at Pwn2Own 2019
     
  3. guest

    guest Guest

    Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks
    March 22, 2019
    https://securityaffairs.co/wordpress/82711/hacking/pwn2own-2019-day2.html
     
  4. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,027
    Location:
    Texas
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    No attempts at hacking Chromium browser?
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    No probably not, that's why they combine it with a Windows kernel exploit. The point of a sandbox is that even when you get remote code execution, malware will still run with limited rights. But on browsers like Chrome and Firefox it gets more and more difficult to find remote code execution bugs, that's why you don't read about them that much anymore.

    Yes, a bit weird.
     
  9. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Considering Chrome exploits pay larger awards, I can only assume the contestants haven't found a way to hack it.
     
  10. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
    Don't believe Tesla has that browser at the moment.

    https://www.businessinsider.com/elon-musk-tesla-web-browser-chromium-2019-3
     
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
  12. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
    wat0114, you're welcome! Looks like there's no date as to when the Tesla browser will be changed, according to reports, and yes, I don't know why Chrome was not included in their testing this time. Take care.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I guess so, but they did manage to hack Chromium.
     
  14. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I had to look for that. It was the infotainment system in the Tesla, so I don't know how that browser compares to the one used on pc's.
     
  15. guest

    guest Guest

    The Story of Two Winning Pwn2Own JIT Vulnerabilities in Mozilla Firefox
    April 18, 2019
    https://www.thezdi.com/blog/2019/4/...wn2own-jit-vulnerabilities-in-mozilla-firefox
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.