Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Pwn2Own Vancouver Nets Hackers $1.1M

March 22, 2024
Reading Time: 3 mins read
in News
Pwn2Own Vancouver Nets Hackers $1.1M

Hackers concluded the Pwn2Own Vancouver 2024 event with substantial earnings totaling $1,132,500, having uncovered 29 zero-day vulnerabilities. These exploits targeted a wide array of software and products, including web browsers, cloud-native applications, virtualization platforms, enterprise solutions, servers, local privilege escalation scenarios, enterprise communication tools, and automotive systems, all in their default configurations and fully updated. Among the notable achievements, Team Synacktiv secured a Tesla Model 3 and $200,000 on the first day after successfully hacking the Tesla ECU within 30 seconds, while Manfred Paul claimed victory with 25 Master of Pwn points and $202,500 earned throughout the competition, primarily through exploits on Apple Safari, Google Chrome, and Microsoft Edge browsers.

Throughout the event, hackers demonstrated their prowess by achieving remote code execution (RCE) and escalating privileges on meticulously secured systems, showcasing vulnerabilities in prominent platforms such as Windows 11, Ubuntu Desktop, VMware Workstation, and Oracle VirtualBox. The competition saw various tactics employed, from exploiting integer underflow bugs and bypassing protections like the V8 hardening in web browsers to leveraging out-of-bounds (OOB) write vulnerabilities and escaping sandboxes in Mozilla Firefox. Noteworthy exploits included Synacktiv’s rapid Tesla ECU hack using an integer overflow exploit and Manfred Paul’s skillful exploitation of double-tap RCE exploits targeting Chrome and Edge.

The success of the hackers underscores the critical need for robust cybersecurity measures and prompt patching of vulnerabilities by software vendors. TrendMicro’s Zero Day Initiative, responsible for managing disclosures from Pwn2Own events, gives vendors a 90-day window to release security fixes for the reported zero-days before making them public. The event serves as a platform for researchers to highlight potential threats and vulnerabilities, ultimately contributing to the improvement of software security across various domains. With the increasing sophistication of cyberattacks, events like Pwn2Own Vancouver play a crucial role in identifying and mitigating security risks in modern technology ecosystems, ultimately safeguarding users’ digital experiences.

 

Reference:
  • PWN2OWN VANCOUVER 2024 – DAY ONE RESULTS
  • PWN2OWN VANCOUVER 2024 – DAY TWO RESULTS
Tags: Cyber NewsCyber News 2024Cyber threatsCybersecurityHackersMarch 2024Pwn2Own VancouverTeslaVulnerabilities
ADVERTISEMENT

Related Posts

US Seizes $225M In Record Crypto Bust

UK Data Law Risks EU Adequacy Deal

June 20, 2025
US Seizes $225M In Record Crypto Bust

US Seizes $225M In Record Crypto Bust

June 20, 2025
US Seizes $225M In Record Crypto Bust

Argentina Busts Russian Disinformation Ring

June 20, 2025
Iran Slows Internet to Prevent Cyberattacks

Episource data breach affects over 5M patients

June 19, 2025
Iran Slows Internet to Prevent Cyberattacks

Ryuk ransomware’s access enabler extradited

June 19, 2025
Iran Slows Internet to Prevent Cyberattacks

Iran Slows Internet to Prevent Cyberattacks

June 19, 2025

Latest Alerts

Winos 4.0 Malware Hits Taiwan Via Tax Phish

New Amatera Stealer Delivered By ClearFake

New Godfather Trojan Hijacks Banking Apps

Fake Minecraft Mods On GitHub Spread Malware

Fake Invoices Deliver Sorillus RAT In Europe

Russian Phishing Scam Bypasses Google 2FA

Subscribe to our newsletter

    Latest Incidents

    Massive Leak Exposes 16 Billion Credentials

    Tonga Health System Down After Ransomware

    Chinese Spies Target Satellite Giant Viasat

    German Dealer Leymann Hacked Closes Stores

    Hacker Mints $27M From Meta Pool Gets 132K

    UBS and Pictet Hit By Vendor Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial