Pwn2Own Vancouver 2022 hacking contest has begun, it is the 15th edition of this important event organized by Trend Micro’s Zero Day Initiative (ZDI). This year, 17 contestants are attempting to exploit 21 targets across multiple categories.
During the first day of the event, white hat hackers earned a total of $800,000, a record for the first day of this contest, including $450,000 for successful exploits targeting Microsoft Teams.
All the attempts made during the first day were successful, the participants explored a total of 16 flaws affecting Microsoft Teams, Oracle VirtualBox, Firefox, Windows 11, Ubuntu, and Safari.
Below is the list of hacking attempts against Microsoft Teams:
Manfred Paul (@_manfp) successfully demonstrated the exploitation of prototype pollution and improper input validation on Mozilla Firefox. Paul earned $100,000 and 10 Master of Pwn points.
Paul also exploited an out-of-band write issue on Apple Safari and earned $50,000 and 5 additional Master of Pwn points.
The remaining exploits received a $40,000.
Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform
(SecurityAffairs – hacking, Pwn2Own Vancouver 2022)