Security News > 2020 > March > Defying Covid-19’s Pall: Pwn2Own Goes Virtual

Defying Covid-19’s Pall: Pwn2Own Goes Virtual
2020-03-20 20:03

Over the course of two days, hacking teams ranging from Flourescence, RedRocket CTF and Synacktiv attempted to hack Adobe's Acrobat Reader and Apple's macOS and virtualization platforms such as Oracle VirtualBox.

During one hacking attempt, the Fluoroacetate team of Amat Cama and Richard Zhu, targeted Adobe Reader and then Windows with a local privilege escalation attack.

Blink an eye and you might have missed the hack - in under five seconds and one mouse click, on their first attempt, team Fluoroacetate compromised Adobe Reader to attack and take control of the underlying operating system, Windows 10.

Tensions were high on Wednesday when a team from Georgia Tech Systems Software and Security Lab pulled off a high-wire hack chaining six different vulnerabilities to successfully exploit Apple's Safari browser and execute code on a computer running macOS. For the Georgia Tech team, which consisted of Yong Hwi Jin, Jungwon Lim, and Insu Yun, the hack earned them $70,000.

The title Master of Pwn was awarded to team Fluoroacetate for its stellar hacks during the event.


News URL

https://threatpost.com/defying-covid-19s-pall-pwn2own-goes-virtual/154002/?utm_source=rss&utm_medium=rss&utm_campaign=defying-covid-19s-pall-pwn2own-goes-virtual