[ad_1]
Development Micro’s ZDI has awarded $1,081,250 for 61 zero-days exploited at Pwn2Own Austin 2021, with opponents efficiently pwning the Samsung Galaxy S21 once more and hacking an HP LaserJet printer to play AC/DC’s Thunderstruck on the competition’s third day.
Contestants earned $70,000 through the fourth day, $238,750 on the third day, $415,000 on the second, and $362,500 through the first day.
The Synacktiv staff received the competition after getting $197,000 in money for his or her zero-days and 20 Grasp of Pwn factors, with a six-point lead over the DEVCORE staff, which completed with 14 factors and earned a complete of $140,000.
Over the 4 days of competitors, the contestants compromised printers, routers, NAS units, and audio system from Canon, HP, Western Digital, Cisco, Sonos, TP-Hyperlink, and NETGEAR after exploiting 61 beforehand unknown safety flaws generally known as zero-day vulnerabilities.
The total Pwn2Own Austin 2021 schedule and the outcomes following every problem can be found right here.
Pwn2Own Austin 2021 remaining leaderboard (ZDI)
Sam Thomas (@_s_n_t) from staff Pentest Restricted (@pentestltd) was the one who compromised the Samsung Galaxy S21 operating the most recent Android 11 safety updates on the third day utilizing a distinctive three-bug chain and incomes $50,000.
The Samsung Galaxy S21 escaped a hacking try on the primary day after F-Safe Labs’ Ken Gannon did not get his zero-day exploit to work throughout the allotted time.
Mr L and Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STARLabs had been capable of get code execution on the Samsung Galaxy S21 on the second day of Pwn2Own.
Nevertheless, regardless of their success and successful $25,000, their try was tagged as a “collision” after it was revealed that they used a bug recognized to the seller.
The third day of Pwn2Own additionally noticed the F-Safe Labs staff turning an HP LaserJet printer right into a jukebox utilizing a stack-based buffer overflow to play AC/DC’s Thunderstruck.
At this version of Pwn2Own, opponents focused cell phones, printers, routers, network-attached storage (NAS), good audio system, TVs, exterior storage, and different units, all updated and operating default configurations.
Western Digital’s 3TB My Cloud Dwelling Private Cloud NAS gadget was the solely exception to this rule, because it runs a beta software program launch.
This yr’s version of Pwn2Own Austin’s consumer-focused occasion is the primary to be prolonged to 4 days after 22 totally different contestants registered for 58 whole entries.
[ad_2]