Short Bytes: PwnFest 2016 has become a death call for many software vendors. The hackers have managed to take down Apple’s Safari web browser in 20 seconds using a root privilege escalation zero-day. Another team managed to compromise Adobe Flash using an exploit that took just 4 seconds to run.
At the event, Apple’s updated Safari web browser, running on macOS Sierra, was also compromised. This hack was carried out by a renowned Chinese hacker group Pangu Team which regularly releases million-dollar iOS jailbreaks for free.
Pangu Team, along with hacker JH, managed to hack Apple’s Safari web browser with a root privilege escalation zero-day. This exploit took 20 seconds to run and the team won $80,000.
Pangu and JH succeeded in exploiting Apple Safari on macOS Sierra and got root privilege, and $100,000 in #PwnFest2016. #POC2016.
— vangelis (@vangelis_at_POC) November 11, 2016
Apart from Safari, Adobe Flash, infamous for its repeated security risks, too wasn’t spared. Chinese security firm Qihoo 360 shattered Flash with an exploit that took just four seconds to complete its job.
Qihoo used a combination of a decade-old zero day and win32k kernel flaw to win $120,000, The Register reports.
#PwnFest2016 #POC2016 pic.twitter.com/E4LND1XA1l
— vangelis (@vangelis_at_POC) November 11, 2016
Did you find this article helpful? Have something else to add? Don’t forget to drop your feedback in the comments section below.
Also Read: Facebook Buys Your Leaked Passwords From Black Markets, Here’s Why