Pwn2Own Offers $100,000 for Home Office Hacking Scenario
Dwelling › Cellular Safety
Pwn2Own Provides $100,000 for Dwelling Workplace Hacking State of affairs
By Eduard Kovacs on August 30, 2022
Tweet
Pattern Micro’s Zero Day Initiative (ZDI) has introduced the targets and prizes for its subsequent Pwn2Own hacking competitors, in addition to the introduction of a brand new class that goals to simulate an actual world residence workplace surroundings.
The following Pwn2Own will happen December 6-8, 2022, at ZDI’s workplace in Toronto, Canada. The registration deadline is December 2. The occasion is not going to happen alongside a convention so ZDI has determined to reimburse $3,000 for journey bills to encourage hackers to take part in particular person. Bug bounty hunters may compete remotely, with a ZDI worker in Toronto operating the exploit for them.
The organizer is providing a complete of greater than $1 million in money and prizes for exploits concentrating on cellphones, wi-fi routers, residence automation hubs, sensible audio system, printers and NAS units.
This 12 months, ZDI is introducing a brand new class referred to as ‘The SOHO Smashup’, which might earn individuals as much as $100,000. This class goals to simulate a small workplace/residence workplace (SOHO) situation, with the aim being to hack a router by way of its WAN interface after which pivot into the native space community the place the researcher must hack a distinct gadget, akin to a printer, sensible speaker or NAS gadget.
Within the first stage, they’ll hack a TP-Hyperlink, Netgear, Synology, Cisco, MikroTik or Ubiquity router. Within the second stage, they’ll choose from a listing of almost a dozen IoT units from Meta, Amazon, Google, Sonos, Apple, HP, Lexmark, Canon, Synology, and WD.
Whereas this model of Pwn2Own is now not referred to as Cellular Pwn2Own, cellphones are nonetheless essentially the most engaging goal from a monetary viewpoint. Members can earn as much as $250,000 in the event that they hack Apple’s iPhone 13 or Google’s Pixel 6. Hacking a Samsung Galaxy S22 can earn individuals as much as $50,000.
A money prize of as much as $60,000 is obtainable for sensible speaker and residential automation hub exploits. The targets embody Sonos One, Apple HomePod Mini, Amazon Echo Studio, Meta Portal Go, Amazon Echo Present 15, and Google Nest Hub Max.
Members can earn as much as $40,000 for Synology and WD NAS exploits, and between $5,000 and $30,000 for router vulnerabilities. Printer exploits are value as much as $20,000.
Eventually 12 months’s occasion, individuals have been awarded greater than $1 million for smartphone, router, printer, NAS and sensible speaker zero-day exploits.
Associated: Over $1.1 Million Awarded at Pwn2Own Vancouver 2022 for 25 Zero-Day Vulnerabilities
Associated: ICS Exploits Earn Hackers $400,000 at Pwn2Own Miami 2022
Associated: Microsoft Groups Exploits Earn Hackers $450,000 at Pwn2Own 2022
Get the Day by day Briefing
- Most Current
- Most Learn
- How Expertise Can Suppose Globally and Act Regionally to Inform World Cyber Insurance policies
- 2.5 Million Impacted by Information Breach at Nelnet Servicing
- Chinese language Hackers Goal Power Corporations in South China Sea
- Google Launches Bug Bounty Program for Open Supply Tasks
- FBI Warns of Surge in Assaults Focusing on DeFi Platforms
- Pwn2Own Provides $100,000 for Dwelling Workplace Hacking State of affairs
- Elon Musk Subpoenas Twitter Whistleblower Forward of Trial
- FTC Accuses Information Dealer of Promoting Delicate Location Information
- Okta Impersonation Method Might be Utilized by Attackers
- Galois Open Sources Instruments for Discovering Vulnerabilities in C, C++ Code
On the lookout for Malware in All of the Incorrect Locations?
First Step For The Web’s subsequent 25 years: Including Safety to the DNS
Tattle Story: What Your Laptop Says About You
Be in a Place to Act Via Cyber Situational Consciousness
Report Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant
2010, A Nice Yr To Be a Scammer.
Do not Let DNS be Your Single Level of Failure
The way to Determine Malware in a Blink
Defining and Debating Cyber Warfare
The 5 A’s that Make Cybercrime so Engaging
The way to Defend In opposition to DDoS Assaults
Safety Budgets Not in Line with Threats
Anycast – Three Causes Why Your DNS Community Ought to Use It
The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations
Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise