Hacking Contests Offer Big Payouts for Exposing Security Flaws

Mitch Leslie

PDF(342 KB)
PDF(342 KB)
Engineering ›› 2022, Vol. 17 ›› Issue (10) : 10-12. DOI: 10.1016/j.eng.2022.08.002
News & Highlights

Hacking Contests Offer Big Payouts for Exposing Security Flaws

Author information +
History +

Cite this article

Download citation ▾
Mitch Leslie. Hacking Contests Offer Big Payouts for Exposing Security Flaws. Engineering, 2022, 17(10): 10‒12 https://doi.org/10.1016/j.eng.2022.08.002

References

[[1]]
Childs D. Pwn2Own 2022 Vancouver: the results [Internet]. Irving: Zero Day Initiative; 2022 May 18 [cited 2022 Jul 1]. Available from: https://www. zerodayinitiative.com/blog/2022/5/18/pwn2own-vancouver-2022-the-results.
[[2]]
Understanding privilege escalation and 5 common attack techniques [Internet]. Boston: Cynet; c2022 [cited 2022 Jul 1]. Available from: https:// www.cynet.com/network-attacks/privilege-escalation/.
[[3]]
Haworth J. Pwn2Own Vancouver: 15th annual hacking event pays out $1.2 m for high-impact security bugs [Internet]. Knutsford: The Daily Swig; 2022 May 23 [cited 2022 Jul 1]. Available from: https://portswigger.net/daily-swig/ pwn2own-vancouver-15th-annual-hacking-event-pays-out-1-2m-for-highimpact-security-bugs.
[[4]]
Winder D. iPhone pro hacked: Chinese hackers suddenly break iOS 15.0.2 security [Internet]. New York City: Forbes; 2021 Oct 18 [cited 2022 Jul 1]. Available from: https://www.forbes.com/sites/daveywinder/2021/10/18/ iphone-13-pro-hacked-chinese-hackers-suddenly-break-ios-1502-security.
[[5]]
Kovacs E. $1.9 m paid out for exploits at China’s Tianfu Cup Hacking Contest [Internet]. Boston: Security Week; 2021 Oct 19 [cited 2022 Jul 1]. Available from: https://www.securityweek.com/19-million-paid-out-exploits-chinastianfu-cup-hacking-contest.
[[6]]
Greenberg A. Inside the world’s highest-stakes industrial hacking contest [Internet]. San Francisco: Wired; 2020 Jan 23 [cited 2022 Jul 1]. Available from: https://www.wired.com/story/pwn2own-industrial-hacking-contest/.
[[7]]
Rivero N. Why the cost of getting hacked is higher than ever [Internet]. New York City: Quartz; 2021 Jul 28 [cited 2022 Jul 14]. Available from: https:// qz.com/2039599/why-the-cost-of-getting-hacked-is-higher-than-ever/.
[[8]]
Burgess M. Conti’s attack against Costa Rica sparks a new ransomware era [Internet]. San Francisco: Wired; 2022 Jun 12 [cited 2022 Jul 11]. Available from: https://www.wired.com/story/costa-rica-ransomware-conti/.
[[9]]
Wilkie C. Colonial pipeline paid $5 million ransom one day after cyberattack, CEO tells senate [Internet]. New York City: CNBS; 2021 Jun 8 [cited 2022 Jul 1]. Available from: https://www.cnbc.com/2021/06/08/colonial-pipeline-ceotestifies-on-first-hours-of-ransomware-attack.html.
[[10]]
Morrison S. How a major oil pipeline got held for ransom [Internet]. New York City: Vox; 2021 Jun 8 [cited 2022 Jul 1]. Available from: https://www.vox.com/ recode/22428774/ransomeware-pipeline-colonial-darkside-gas-prices.
[[11]]
Russon MA. US fuel pipeline hackers ‘‘Didn’t mean to create problems” [Internet]. London: BBC News; 2021 May 10 [cited 2022 Jul 1]. Available from: https://www.bbc.com/news/business-57050690.
[[12]]
Farrow R. How democracies spy on their citizens [Internet]. New York City: New Yorker; 2022 Apr 18 [cited 2022 Jul 1]. Available from: https:// www.newyorker.com/magazine/2022/04/25/how-democracies-spy-on-theircitizens.
[[13]]
Mazzetti M, Bergman R. Defense firm said US spies backed its bid for pegasus spyware maker [Internet]. New York City: New York Times; 2022 Jul 11 [cited 2022 Jul 11]. Available from: https://www.nytimes.com/2022/07/10/us/ politics/defense-firm-said-us-spies-backed-its-bid-for-pegasus-spyware-maker. html.
[[14]]
Ranger S. Cybersecurity: this is how much top hackers are earning from bug bounties [Internet]. New York City: ZDNet; 2020 Sep 22 [cited 2022 Jul 14]. Available from: https://www.zdnet.com/article/this-is-how-much-tophackers-are-earning-from-bug-bounties/.
[[15]]
Fiscutean A. How Pwn2Own made bug hunting a real sport [Internet]. London: Dark Reading; 2022 May 19 [cited 2022 Jul 1]. Available from: https:// www.darkreading.com/edge-articles/how-pwn2own-made-bug-hunting-a-realsport.
[[16]]
Ziemann F. Microsoft teams and Windows 11 hacked multiple times [Internet]. Dover: NewsABC; [cited 2022 Jul 1]. Available from: https:// newsabc.net/microsoft-teams-and-windows-11-hacked-multiple-times/.
[[17]]
Chin M. How a university got itself banned from the Linux kernel [Internet]. New York City: The Verge; 2021 Apr 30 [cited 2022 Jul 1]. Available from: https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-ofminnesota-banned-open-source.
[[18]]
Brown E. Mozilla releases fixes for Firefox, Thunderbird vulnerabilities exploited during Pwn2Own Vancouver 2022 Hacking Contest [Internet]. New York City: iTech Post; 2022 May 25 [cited 2022 Jul 1]. Available from: https://www.itechpost.com/articles/110888/20220525/mozilla-releasesfixes-firefox-thunderbird-vulnerabilities-exploited-during-pwn2own-vancouver. htm.
[[19]]
Goodin D. Pwn2Own is the perfect antidote to fanboys who say their platform is safe [Internet]. New York City: Ars Technica; 2014 Mar 14 [cited 2022 Jul 1]. Available from: https://arstechnica.com/information-technology/2014/03/ pwn2own-the-perfect-antidote-to-fanboys-who-say-their-platform-is-safe/.
[[20]]
O’Neill PH. These hackers just showed how easy it is to target critical infrastructure [Internet]. Cambridge: MIT Technology Review; 2022 Apr 21 [cited 2022 Jul 1]. Available from: https://www.technologyreview.com/2022/ 04/21/1050815/hackers-target-critical-infrastructure-pwn2own/.
[[21]]
Keizer G. Three-time Pwn2Own winner knocks hacking contest rules [Internet]. Needham: Computerworld; 2011 Feb 28 [cited 2022 Jul 1]. Available from: https://www.computerworld.com/article/2506261/threetime-pwn2own-winner-knocks-hacking-contest-rules.html.
AI Summary AI Mindmap
PDF(342 KB)

Accesses

Citations

Detail

Sections
Recommended

/