Search results for Pwn2Own | Breaking Cybersecurity News | The Hacker News

$60000 for Exploiting Google Chrome, Hackers at Pwnium  work... Google has offered prizes, totalling $1 million, to those who successfully hack the Google Chrome browser at the Pwn2Own hacker contest taking place next week i.e 7 March 2012. Chrome is the only browser in the contest's six year history to not be exploited like at all.  Therefore Google will hand out prizes of $60,000, $40,000, and $20,000 for contestants able to remotely commandeer a fully-patched browser running on Windows 7. Finding a "Full Chrome Exploit," obtaining user account persistence using only bugs in the browser itself will net the $60k prize. Using webkits, flash, or a driver-based exploit can only earn the lesser amounts. Prizes will be awarded on a first-come-first-serve basis, until the entire $1 million has been claimed. " While we're proud of Chrome's leading track record in past competitions, the fact is that not receiving exploits means that it's harder to learn and improve ," said C

A French information security company VUPEN has recently disclosed that it held onto a serious Internet Explorer (IE) vulnerability for at least three years before revealing it at the Pwn2Own hacker competition held in March this year. The critical zero-day vulnerability affected versions 8, 9, 10 and 11 of Internet Explorer browser that allowed attackers to remotely bypass the IE Protected Mode sandbox. An attacker can exploit this issue to gain elevated privileges. VULNERABILITY DISCLOSURE TIMELINE According to a disclosure made by the security company last week, the vulnerability with ID  CVE-2014-2777  was discovered by the company on 12 February 2011, which was  patched by Microsoft  last month. 12 February 2011 - IE Zero-day discovered by Vupen. 13 March 2014 - Vupen reported to Microsoft. 11 June 2014 - Microsoft Released patch and publicly released the advisory . Sandbox is security mechanism used to run an application in a restricted environment. If an attacker is ab

iPhone 5  is vulnerable to the same attack that successfully breached an iPhone 4S at the mobile Pwn2Own hacker contest held this week at the EUSecWest event in Amsterdam . As we reported that Joost Pol and Daan Keuper won the mobile Pwn2Own contest by compromising a fully patched iPhone 4S device and stealing contacts, browsing history, photos and videos from the phone. The vaunted security of the iPhone (4S) took an epic fail tumble during the event when they was able to build an exploit for a vulnerability in WebKit to beat Apple's code-signing features and the MobileSafari sandbox. The same bug is present in the iOS6 Golden Master development code base, which means iPhone 5 is  also vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable. " We specifically chose this one because it was present in iOS 6, which means the new iPhone coming out today will be vulnerable to this attack ," Pol said. The duo won $30,000 for their effor

Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users. Security teams also face an acute talent shortage.  In this guide, we'll lay out practical steps organizations can take to automate more of their processes and build an autonomous SOC strategy . This should address the acute talent shortage in security teams, by employing artificial intelligence and machine learning with a variety of techniques, these systems simulate the decision-making and investigative processes of human analysts. First, we'll define objectives for an autonomous SOC strategy and then consider key processes that could be automated. Next, we'll consider different AI and automation

Google has fixed a series of serious vulnerabilities in its Chrome OS , including three high-risk bugs that could be used for code execution on vulnerable machines. Bug bounties is the cash prizes offered by open source communities to anyone who finds key software bugs have been steadily on the rise for several years now. As part of its reward program, Google paid out $31,336 to a researcher who found three of the vulnerabilities . Google's post notes : " We're pleased to reward Ralf-Philipp Weinmann $31,336 under the Chromium Vulnerability Rewards Program for a chain of three bugs, including demo exploit code and very detailed write-up. We are grateful to Ralf for his work to help keep our users safe. " The three-bug chain credited to Weinmann exploited O3D, a JavaScript API (application programming interface) designed for crafting interactive 3-D graphics-based Web applications. The API and supporting browser plug-in were created by Google, with a preliminary ve

Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI)  said  in a report published last week. The vulnerabilities were demonstrated by three different teams from Qrious Secure, STAR Labs, and DEVCORE at the Pwn2Own hacking contest held in Toronto late last year, netting them $105,000 in monetary rewards. The list of four flaws, which impact Sonos One Speaker 70.3-35220, is below - CVE-2023-27352  and  CVE-2023-27355  (CVSS scores: 8.8)  - Unauthenticated flaws that allow network-adjacent attackers to execute arbitrary code on affected installations. CVE-2023-27353  and  CVE-2023-27354  (CVSS score: 6.5)  - Unauthenticated flaws that allow network-adjacent attackers to disclose sensitive information on affected installations. While CVE-2023-27352 stems from when processing SMB directory query commands, CVE-2023-27355 exists within the MPEG-TS pars

The maintainers of the Tails project have issued a warning that the Tor Browser that's bundled with the operating system is unsafe to use for accessing or entering sensitive information. "We recommend that you stop using Tails until the release of 5.1 (May 31) if you use Tor Browser for sensitive information (passwords, private messages, personal information, etc.)," the project  said  in an advisory issued this week. Tails, short for The Amnesic Incognito Live System, is a security-oriented Debian-based Linux distribution aimed at preserving privacy and anonymity by connecting to the internet through the Tor network. The alert comes as Mozilla on May 20, 2022 rolled out fixes for  two critical zero-day flaws  in its Firefox browser, a modified version of which acts as the foundation of the Tor Browser. Tracked as CVE-2022-1802 and CVE-2022-1529, the two vulnerabilities are what's referred to as  prototype pollution  that could be weaponized to gain JavaScript c

Google on Tuesday released an update for Chrome web browser for Windows, Mac, and Linux, with a total of seven security fixes, including one flaw for which it says an exploit exists in the wild. Tracked as CVE-2021-21224 , the flaw concerns a type confusion vulnerability in V8 open-source JavaScript engine that was reported to the company by security researcher Jose Martinez on April 5 According to security researcher  Lei Cao , the bug [ 1195777 ] is triggered when performing integer data type conversion, resulting in an out-of-bounds condition that could be used to achieve arbitrary memory read/write primitive. "Google is aware of reports that exploits for CVE-2021-21224 exist in the wild," Chrome's Technical Program Manager Srinivas Sista  said  in a blog post. The update comes after proof-of-concept (PoC) code exploiting the flaw published by a researcher named " frust " emerged on April 14 by taking advantage of the fact that the issue was addressed

Microsoft has confirmed that the  active exploitation of PaperCut servers  is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the name  Lace Tempest  (formerly DEV-0950), which overlaps with other hacking groups like FIN11, TA505, and Evil Corp. "In observed attacks, Lace Tempest ran multiple PowerShell commands to deliver a TrueBot DLL, which connected to a C2 server, attempted to steal LSASS credentials, and injected the  TrueBot payload  into the conhost.exe service," Microsoft  said  in a series of tweets. The next phase of the attack entailed the deployment of Cobalt Strike Beacon implant to conduct reconnaissance, move laterally across the network using WMI, and exfiltrate files of interest via the file-sharing service MegaSync. Lace Tempest is a Cl0p ransomware affiliate that's said to hav

Charlie Miller is a former hacker who has become an information security consultant now working with Department of Defense (DoD) for helping out with cyber security.  He was invited to the conference on cyber conflict held by the NATO Cooperative Cyber Defense Center of Excellence in Tallinn, where he talked about the vulnerability of information systems.  In a recent video released he talks about the ways he works. He spent five years working for the National Security Agency. Miller demonstrated his hacks publicly on products manufactured by Apple. In 2008 he won a $10,000 cash prize at the hacker conference Pwn2Own in Vancouver Canada for being the first to find a critical bug in the ultrathin MacBook Air. The next year, he won $5,000 for cracking Safari. In 2009 he also demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. In 2011 he found a security hole in an iPhone

Multiple flaws have been identified in Linux Kernel and related software could allow hackers to hack your Linux machines, shared hosting and websites hosted on them. PRIVILEGE ESCALATION VULNERABILITY IN LINUX KERNEL A privilege escalation vulnerability has been identified in the widely used Linux kernel that could allow an attackers to take the control of users' system. On Thursday, the most popular distributor of open source Linux OS, Debian warned about this vulnerability (CVE-2014-3153) in a security update, along with some other vulnerabilities in the Linux kernel that may lead to a denial of service attack. The most critical one is the flaw (CVE-2014-3153) discovered by Pinkie Pie which resides in the futex subsystem call of Linux Kernel 2.6.32.62/3.2.59/3.4.91/3.10.41/3.12.21/3.14.5 versions , leaving a queued kernel waiter on the stack, which can be exploited to potentially execute arbitrary code with kernel mode privileges. " Pinkie Pie discovered an

Research in Motion has found a security flaw and recommended that user disable JavaScript in browsers on certain phones, threatening the BlackBerry maker's iron-clad reputation for security. "The issue could result in remote code execution on affected BlackBerry smartphones," the Waterloo, Ontario-based company said. "Successful exploitation of the vulnerability requires the user to browse to a website that the attacker has maliciously designed." The flaw is in the WebKit browser that RIM includes in version 6 of its BlackBerry OS. RIM said hackers can steal data from users' memory cards on some BlackBerry devices. They can also install malware by exploiting the hole, but the company said that even if attacked, the phone's emails and contacts would be safe. The publicity is particularly bad for the company who stakes its reputation on the security and privacy of its service. RIM, which has been forced to use more third-party software to compete w

This coming Tuesday, Microsoft will issue fixes for 33 vulnerabilities in total, including two critical  zero-day flaws relating to Internet Explorer recently discovered that has been used to attack several high-profile targets. Internet Explorer 6, 7, 8, 9 and 10 are the recipients of a patch that can prevent an exploit that enables remote code execution in the browser. This affects all Windows operating systems except XP. The vulnerability ( CVE-​​2013-​​1347 ) had previously been addressed in a workaround yesterday , but given the way it was being exploited with attacks reported on the US Department of Labor and European aerospace and nuclear researchers the patch has been prioritised. A second bulletin deals with another IE vulnerability believed to be one disclosed in March at the annual Pwn2Own hacking competition. At least four of the patches require a restart, Microsoft said. The remaining eight patches will address flaws that range from denial-of-servic

Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as  CVE-2022-43931 , the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server. Successful exploitation of the issue "allows remote attackers to execute arbitrary commands via unspecified vectors," the Taiwanese company  said , adding it was internally discovered by its Product Security Incident Response Team (PSIRT). Users of VPN Plus Server for Synology Router Manager (SRM) 1.2 and VPN Plus Server for SRM 1.3 are advised to update to versions 1.4.3-0534 and 1.4.4-0635, respectively. The network-attached storage appliance maker, in a second advisory, also  warned  of several flaws in SRM that could permit remote attackers to execute arbitrary commands, conduct denial-of-service attack

During  March Patch Tuesday of 2013 , Microsoft released seven new security bulletins, with four rated as critical, and others as Important. Most interesting one was MS13-027 , which is rated as "important" because the attack requires physical access to the vulnerable machine. This flaw allows anyone with a USB thumb drive loaded with the payload to bypass security controls and access a vulnerable system even if AutoRun is disabled, and the screen is locked. Flaw exposes your Windows PCs to major risk. If you remember Stuxnet, worm was injected to Iran's nuclear program system using USB thumb drive. Windows typically discovers USB devices when they are inserted or when they change power sources (if they switch from plugged-in power to being powered off of the USB connection itself). To exploit the vulnerability an attacker could add a maliciously formatted USB device to the system. When the Windows USB device drivers enumerate the device, parsing a speciall

As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. "Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz  said  in a report. Additionally, a network-adjacent threat actor could also weaponize the flaws to access and control networked smart devices like security cameras, thermostats, smart locks; tamper with router settings, and even use a compromised network to launch attacks against other devices or networks. The list of flaws, which were  demonstrated  at the Pwn2Own hacking competition held at Toronto in December 2022, is as follows - CVE-2023-27357 (CVSS score: 6.5) - Missing Authentication Information Disclosure Vulnerability CVE-2023-27368 (CVSS score: 8.8) - Stack-based Buffer

Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as  CVE-2024-4761 , is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024. Out-of-bounds write bugs  could be typically exploited by malicious actors to corrupt data, or induce a crash or execute arbitrary code on compromised hosts. "Google is aware that an exploit for CVE-2024-4761 exists in the wild," the tech giant  said . Additional details about the nature of the attacks have been withheld to prevent more threat actors from weaponizing the flaw. The disclosure comes merely days after the company patched  CVE-2024-4671 , a use-after-free vulnerability in the Visuals component that has also been exploited in real-world attacks. With the latest fix, Google has addressed a total of six zero-days since the sta

Multiple security flaws have been  disclosed  in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances. The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and 13.5.2, respectively, the Broadcom-owned virtualization services provider said. A brief description of each of the flaws is below - CVE-2024-22267  (CVSS score: 9.3) - A use-after-free vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host CVE-2024-22268  (CVSS score: 7.1) - A heap buffer-overflow vulnerability in the Shader functionality that could be exploited by a malicious actor with non-administrative access to a virtual machine with 3D gr

Threat actors are actively carrying out opportunistic  scanning  and  exploitation  of Exchange servers using a new exploit chain leveraging a trio of flaws affecting on-premises installations, making them the latest set of bugs after ProxyLogon vulnerabilities were exploited en masse at the start of the year. The remote code execution flaws have been collectively dubbed "ProxyShell." At least 30,000 machines are affected by the vulnerabilities,  according  to a Shodan scan performed by Jan Kopriva of SANS Internet Storm Center. "Started to see in the wild exploit attempts against our honeypot infrastructure for the Exchange ProxyShell vulnerabilities," NCC Group's Richard Warren  tweeted , noting that one of the intrusions resulted in the deployment of a "C# aspx webshell in the /aspnet_client/ directory." Patched in early March 2021,  ProxyLogon  is the moniker for CVE-2021-26855, a server-side request forgery vulnerability in Exchange Server tha

Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation. One of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine (CVE-2021-21220), which was demonstrated by Dataflow Security's Bruno Keith and Niklas Baumstark at the  Pwn2Own 2021  hacking contest last week. While Google moved to fix the flaw quickly, security researcher Rajvardhan Agarwal published a  working exploit  over the weekend by reverse-engineering the patch that the Chromium team pushed to the open-source component, a factor that may have played a crucial role in the release. UPDATE:   Agarwal, in an email to The Hacker News, confirmed that there's one more vulnerability affecting Chromium-based browsers that has been patched in the latest vers

An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave. Released by Rajvardhan Agarwal, the working  exploit  concerns a remote code execution vulnerability in the V8 JavaScript rendering engine that powers the web browsers. It is believed to be the same flaw demonstrated by Dataflow Security's Bruno Keith and Niklas Baumstark at  Pwn2Own 2021 hacking contest  last week. Keith and Baumstark were awarded $100,000 for leveraging the vulnerability to run malicious code inside Chrome and Edge. According to the screenshot shared by Agarwal, the PoC HTML file, and its associated JavaScript file, can be loaded in a Chromium-based browser to exploit the security flaw and launch the Windows calculator (calc.exe) app. But it's worth noting that the exploit needs to be chained with another flaw that can allow it to escape Chro