Ukraine links members of Gamaredon hacker group to Russian FSB
Samsung Galaxy S21 hacked on second day of Pwn2Own Austin
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware
US targets DarkSide ransomware, rebrands with $10 million reward
The Week in Ransomware – November 5th 2021 – Placing bounties
Windows 11 KB5008295 OOB update fixes certificate issue breaking apps
Pwn2Own: Printer plays AC/DC, Samsung Galaxy S21 hacked twice
FBI: Ransomware gangs hit several tribal-owned casinos in the last year
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
Pwn2Own: Printer plays AC/DC, Samsung Galaxy S21 hacked twice
Trend Micro’s ZDI has awarded $1,081,250 for 61 zero-days exploited at Pwn2Own Austin 2021, with competitors successfully pwning the Samsung Galaxy S21 again and hacking an HP LaserJet printer to play AC/DC’s Thunderstruck on the contest’s third day.
Contestants earned $70,000 during the fourth day, $238,750 on the third day, $415,000 on the second, and $362,500 during the first day.
The Synacktiv team won the contest after getting $197,000 in cash for their zero-days and 20 Master of Pwn points, with a six-point lead over the DEVCORE team, which finished with 14 points and earned a total of $140,000.
Over the four days of competition, the contestants compromised printers, routers, NAS devices, and speakers from Canon, HP, Western Digital, Cisco, Sonos, TP-Link, and NETGEAR after exploiting 61 previously unknown security flaws known as zero-day vulnerabilities.
The full Pwn2Own Austin 2021 schedule and the results following each challenge are available here.
Sam Thomas (@_s_n_t) from team Pentest Limited (@pentestltd) was the one who compromised the Samsung Galaxy S21 running the latest Android 11 security updates on the third day using a unique three-bug chain and earning $50,000.
The Samsung Galaxy S21 escaped a hacking attempt on the first day after F-Secure Labs’ Ken Gannon didn’t get his zero-day exploit to work within the allotted time.
Mr L and Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STARLabs were able to get code execution on the Samsung Galaxy S21 on the second day of Pwn2Own.
However, despite their success and winning $25,000, their attempt was tagged as a “collision” after it was revealed that they used a bug known to the vendor. 
The third day of Pwn2Own also saw the F-Secure Labs team turning an HP LaserJet printer into a jukebox using a stack-based buffer overflow to play AC/DC’s Thunderstruck. 
(Sound On) Confirmed! The team from @FSecureLabs used a stack-based buffer overflow to take over an HP LaserJet and turn it into a jukebox. Their efforts earn them $20,000 and 2 Master of Pwn points. #Pwn2Own https://t.co/3kqn5Cr7Y4
At this edition of Pwn2Own, competitors targeted mobile phones, printers, routers, network-attached storage (NAS), smart speakers, TVs, external storage, and other devices, all up to date and running default configurations.
Western Digital’s 3TB My Cloud Home Personal Cloud NAS device was the only exception to this rule, as it runs a beta software release.
This year’s edition of Pwn2Own Austin’s consumer-focused event is the first to be extended to four days after 22 different contestants registered for 58 total entries. 
You can find recap videos for all four days of Pwn2Own embedded below.
Samsung Galaxy S21 hacked on second day of Pwn2Own Austin
Mobile phishing attacks targeting energy sector surge by 161%
Sonos, HP, and Canon devices hacked at Pwn2Own Austin 2021
Android November patch fixes actively exploited kernel bug
Android spyware spreading as antivirus software in Japan
Not a member yet? Register Now
Popular ‘coa’ NPM library hijacked to steal user passwords
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

Ukraine arrests 51 for selling data of 300 million people in US, EU

Attackers can get root by crashing Ubuntu’s AccountsServiceAttackers can get root by…

Yanluowang ransomware operation matures with experienced affiliates

Panasonic discloses data breach after network hackIKEA email systems hit by ongoing…

As Twitter removes blue badges for many, phishing targets verified accounts

Convincing Microsoft phishing uses fake Office 365 spam alertsMicrosoft reverses Windows 11’s…

Microsoft fixes bug blocking Defender for Endpoint on Windows Server

Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flawsNew ransomware now…