Chrome, Edge, Safari and Office 365 are easily breached in a security competition in China
To reschedule, in the middle of November every year, the most "famous" names in the information technology industry in general and cybersecurity in particular gather in Chengdu, China. Korea to compete in the Tianfu Cup, the highest hack contest of the country of billions of people.
These are all leading Chinese hackers (mostly white hats), with influence in the domestic and international security community. This year's event has a total of 48 test sessions, of which the most popular is the zero-day implementation of a number of popular software and applications on the market. If successful, the hackers will receive cash prizes, witnesses, and especially fame to the wind as the winner of a prestigious hack contest.
Day 1: Safari, Microsoft Edge, Google Chrome and Office 365
Tianfu Cup takes place in 2 days from 16 to 17/11. The first day was the busiest day of the entire event with 32 hacking sessions planned. Of those, there were 13 successful sessions, seven hacking sessions failed and in the remaining 12 sessions security researchers decided to give up for various reasons. However, there have been many famous technology applications and applications that have been successfully 'conquered', specifically as follows:
(3 successful exploits) Microsoft Edge (old version based on EdgeHTML tool, not new Chromium version)
- (2) Google Chrome
- (1) Safari
- (1) Office 365
- (2) Adobe PDF Reader
- (3) Router D-Link DIR-878
- (1) qemu-kvm + Ubuntu
360Vulcan is the most prominent name in the first 'competition' day with $ 80,000 in prize money for successful hacking the qumu-kvm + Ubuntu.
Second day: VMware was knocked out with $ 200,000 in prize money
Of the 16 events planned for the second day of competition, only half went as planned, and there was only one successful case, but the prize was extremely large. to 200,000 USD.
The owner of the dream prize money continues to belong to the 360Vulcan team with a successful exploitation of the flaw on VMWare Workstation.
All security holes discovered at Tianfu Cup 2019 as well as the way of exploiting these holes will be specifically reported to the respective suppliers. Such contests have a particularly important role for the security community in general and the application vendors in particular. Hackers will get remuneration as well as reputation, while providers will get the most perfect service to bring to users.
You should read it
- Summarizing the Pwn2Own 2019: Safari, VirtualBox was 'pierced' on the first day, Firefox, Edge on the second day and Tesla Model 3 'closed the window'
- Dynamics of Google, Apple and Microsoft when the browser has a security error
- Detect a critical flaw in VMware Cloud Director, which could pave the way for hackers to take control of enterprise servers
- Google discovered two serious vulnerabilities on iOS
- Google Chrome has a serious zero-day error, and hackers can execute malicious code at its fullest
- Now it is possible to hack Windows with Google Chrome
- Steps to adjust security settings in Microsoft Edge
- Detecting a new Linux vulnerability allows hackers to gain control of the VPN connection
- VMware patches RCE Spring4Shell vulnerability on a wide range of products
- Detection of security vulnerabilities affects all Bluetooth versions
- Google Chrome has an urgent update, patching a serious zero-day vulnerability being exploited by hackers
- Microsoft has patched the critical vulnerability on Android Remote Desktop application
Maybe you are interested
Top Best FPS Shooting Games on PC & Mobile Today
The most accurate way to check iPhone IMEI today
AI predicts storms 10 days in advance, with outstanding results
How to calculate the number of days between two time points extremely quickly using Excel
Top 6 smart ring models today
Reasons why you should not use your laptop outdoors on sunny days