Chrome, Edge, Safari hacked at elite Chinese hacking contest

Forums Security News (Security) Chrome, Edge, Safari hacked at elite Chinese hacking contest

Tagged: 

  • This topic is empty.
Viewing 0 reply threads
  • Author
    Posts
    • February 16, 2020 at 6:31 pm #39989
      Telegram SmartBoT
      Moderator
      • Topic 5959
      • Replies 0
      • posts 5959
        @tgsmartbot

        #News(Security) [ via IoTGroup ]

        Headings…
        Chrome, Edge, Safari hacked at elite Chinese hacking contest
        Day 1 victims: Chrome, Edge, Safari, Office 365

        Auto extracted Text……

        Over the course of two days — November 16 and 17 — Chinese security researchers will test zero-days against some of the world’s most popular applications.
        The Tianfu Cup‘s rules are identical to what we see at Pwn2Own, the world’s largest hacking contest.
        Prior to 2018, Chinese security researchers dominated Pwn2Own, with different teams winning the competition years in a row.
        In the spring of 2018, the Chinese government barred security researchers from participating in hacking contests organized abroad, such as Pwn2Own. The TianfuCup was set up a few months later, as a response to the ban, and as a way for local researchers to keep their skills sharp.
        The first edition was held in the fall of 2018 to great success, with researchers successfully hacking apps like Edge, Chrome, Safari, iOS, Xiaomi, Vivo, VirtualBox, and more.
        This is literally just, like, a hundred Chinese security researchers testing their 0days in competition against modern software targets.
        The competition’s first day was its busiest, with 32 hacking sessions scheduled on Saturday.
        Of these, 13 were successful, seven hacking sessions failed, and in 12 sessions security researchers abandoned exploitation attempts, for various reasons.
        Of the successful sessions, Tianfu Cup organizers reported successful hacks of:
        (3 successful exploits) Microsoft Edge (the old version based on the EdgeHTML engine, not the new Chromium version) [tweet]
        (2) Chrome hacks [tweet]
        In the past, many software vendors have begun to attend hacking competitions, where they send representatives to pick up vulnerability reports minutes after a hacking session ends — with some vendors shipping patches within hours.
        There were few vendors at Tianfu Cup; however, with many high-profile successful exploits being recorded in the competition’s first two editions, many companies will most likely begin considering sending a representative next year

        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.02976805238 Build 26 Aug 2019

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.