All four major browsers hacked at pwn2own

Last week computer hacking competition pwn2own once again took place at the CanSecWest conference in Vancouver.

During the competition, hackers and security researchers are challenged to exploit popular software and devices using previously unknown vulnerabilities.

Successful hackers win the device that they exploited, a cash prize, and a “Masters” jacket celebrating the year of their win.

Pwn2own 2015 was an incredibly eventful competition with over $500,000 dollars of rewards issued and all four major browsers successfully hacked, some in under a second.

News of ubiquitous software being hacked in such a short time can often leave us feeling despondent about the state of security but I believe that competitions such as pwn2own give us cause for optimism.

Cash prizes for hacking at competitions and bug bounty programs, such as those run by Google and Facebook, motivate hackers and researchers to use their skills to help improve security and not just exploit it.

As long as vulnerabilities are disclosed to the right parties when they are discovered, it helps to reduce the window of opportunity for malicious hackers to turn a profit.

Remember to update

While software manufacturers were likely hoping to come through pwn2own 2015 unscathed, most will now set about fixing and patching their products and services to mitigate these newly discovered threats.

Expect new security updates in the near future and remember to always keep your operating system and programs up to date.

Title image courtesy of securityaffairs.co

Leave a Reply