t PwnFest 2016, many well-known (and amateur) security researchers come together and try to hack different software. The winners get cash prize and the software developers get information about their vulnerabilities. We’ve already told you about the 18-second Microsoft Edge hack and here we’re going to tell you about another web browser.
At the event, Apple’s updated Safari web browser, running on macOS Sierra, was also compromised. This hack was carried out by a renowned Chinese hacker group Pangu Team which regularly releases million-dollar iOS jailbreaks for free.
Pangu Team, along with hacker JH, managed to hack Apple’s Safari web browser with a root privilege escalation zero-day. This exploit took 20 seconds to run and the team won $80,000.
Pangu and JH succeeded in exploiting Apple Safari on macOS Sierra and got root privilege, and $100,000 in #PwnFest2016. #POC2016.
Apart from Safari, Adobe Flash, infamous for its repeated security risks, too wasn’t spared. Chinese security firm Qihoo 360 shattered Flash with an exploit that took just four seconds to complete its job.
Qihoo used a combination of a decade-old zero day and win32k kernel flaw to win $120,000, The Register reports.