$1 million in 4 days: hackers turned vulnerabilities into gold

The competitors set a record at Pwn2Own Ireland.

The fourth day of the Pwn2Own Ireland 2024 competition ended with more than a million dollars in prize money awarded for the discovery of over 70 unique zero-day vulnerabilities in fully updated devices.

During the competition, cybersecurity specialists checked various software and hardware products for vulnerabilities in an effort to win the title of "Master of Pwn". Participants competed in eight categories - mobile phones, instant messengers, home automation systems and smart speakers, printers, video surveillance systems, network storage and SOHO Smash-up.

The event was the fourth time in a row that white hat hackers surpassed the million-dollar mark, earning a total of $1,066,625. In the final stage, the participants successfully carried out attacks on Lexmark, TrueNAS, and QNAP devices.
  • The Smoking Barrels team identified two vulnerabilities in TrueNAS X. Despite the fact that one of the vulnerabilities had already been exploited earlier, the team received $20,000 and 2 Master of Pwn points for successful exploitation.
  • The Cluck team exploited a chain of six vulnerabilities to move from the QNAP QHora-322 device to the Lexmark CX331adwe. Although one of the vulnerable elements had already been involved before, participants earned $23,000 and received Master of Pwn points.
  • Specialists from Viettel Cyber Security demonstrated an attack on TrueNAS Mini X using two vulnerabilities. A vulnerability previously seen in the competition was also exploited in their chain, but they received $20,000 and 2 Master of Pwn points for demonstrating the attack.
  • The PHP Hooligans/Midnight Blue team used an integer overflow vulnerability to successfully exploit a Lexmark printer, earning $10,000 and 2 Master of Pwn points.

The title of "Master of Pwn" was won by Viettel Cyber Security, which scored 33 points and earned $205,000 for vulnerabilities in QNAP NAS, Sonos speakers and Lexmark printers.

Pwn2Own Ireland Final Ranking 2024 (Source: Zero Day Initiative)

The next Pwn2Own competition will take place on January 22, 2025 in Tokyo, Japan. The main theme of the event will be the automotive industry with four categories for participants: Tesla, infotainment systems, EV chargers and operating systems. The Zero Day Initiative (ZDI) has already published details on the categories and the size of the prizes for successful attacks.

Hackers found 52 zero-day vulnerabilities on the first day, and 51 more on the second day. The third day was marked by successful performances by the Viettel Cyber Security, DEVCORE and PHP Hooligans/Midnight Blue teams, which identified 11 new zero-day vulnerabilities.
