RECENT PWNFEST SENDS GOOGLE AND APPLE BACK TO BASICS — HACKERS PWNED GOOGLE PIXEL AND APPLE SAFARI BROWSER — BEFORE THIS, THE SAME HACKERS HACKED MICROSOFT EDGE AND VMWARE ALL IN FEW SECONDS.

PWNFEST is an event
organized in Seoul, South Korea where teams of white-hat hackers come to
compete for cash prizes. The prizes are conditional upon finding a
vulnerability in the latest software and devices developed by various tech
firms.

Yesterday we reported how Chinese and South Korean group of
hackers hacked Microsoft Edge and VMware. This time the participants gave a
hard time to tech giants Google and Apple after working out
an exploit in their latest products, Google Pixel and Safari on MacOS
Sierra respectively.

GOOGLE PIXEL HACKED UNDER 60 SECONDS

A team by the name of Qihoo 360 from South Korea managed to break into Google Pixel Android smartphone within just a
minute. Qihoo 360 demonstrated an exploit that allowed hackers to
conduct remote code execution attack on the Pixel. The attack launched
Google Play Store and then the mobile version of Google Chrome before
showing a deface message that read “Pwned by 360 Alpha Team.’
As a result, the team
bagged in the cash prize of $120,000 for discovering the vulnerability.
Additionally, it also found out certain weaknesses in Microsoft Edge – the
latest Windows 10 Internet Browser – along with Adobe Flash. A total of $520k
went to Qihoo 360.

APPLE SAFARI HACKED IN 20 SECONDS

Just like Qihoo 360, a team by the name of Pangu along with JH from
China managed to hack into Safari running on MacOS Sierra in just 20 seconds.
The hack resulted in gaining them root access to the app. Pangu was also able
to successfully jailbreak the latest version of iOS.


The endeavor led the teams winning a total of $100k at
PWNFEST. As for Apple, Microsoft and Google, they all have embarked on the
mission to fix these vulnerabilities as soon as possible before any
unauthorized access takes place. Currently, the details about the exploits
haven’t been made public but the platform owners and vendors have been informed
about them. 

via Blogger http://ift.tt/2fMAc8i

Advertisements