CISA orders federal agencies to fix hundreds of exploited security flaws
US sanctions NSO Group and three others for spyware and exploit sales
Some Windows 11 apps are broken due to expired certificate
BlackMatter ransomware claims to be shutting down due to police pressure
US targets DarkSide ransomware, rebrands with $10 million reward
CISA urges vendors to patch BrakTooth bugs after exploits release
Phishing emails deliver spooky zombie-themed MirCop ransomware
Popular ‘coa’ NPM library hijacked to steal user passwords
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
Samsung Galaxy S21 hacked on second day of Pwn2Own Austin
Contestants hacked the Samsung Galaxy S21 smartphone during the second day of the Pwn2Own Austin 2021 competition, as well as routers, NAS devices, speakers, and printers from Cisco, TP-Link, Western Digital, Sonos, Canon, Lexmark, and HP.
So far, Trend Micro’s Zero Day Initiative has awarded $777,500 over the first two days of Pwn2Own Austin, with $415,000 awarded during the second day and $362,500 won during the first day.
The Synacktiv team maintains a slight lead in the Master of Pwn standings with 15 Master of Pwn points and $150,000 won so far, one point ahead of the DEVCORE team that has 14 points and has earned $140,000.
The full Pwn2Own Austin 2021 schedule and the results following each challenge are available here.
Yesterday, Mr L and Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STARLabs were able to get code execution on the Samsung Galaxy S21 running the latest Android 11 security updates.
However, despite successfully exploiting a zero-day flaw, the attempt was tagged as a “collision” after it was revealed in the disclosure room that they used a bug known to the vendor.
They still earned $25,000 and 2.5 Master of Pwn points, reaching a total of $75,000 in awards after the first two days of competition.
Samsung Galaxy S21 was also the only device that wasn’t compromised on the first day after F-Secure Labs’ Ken Gannon couldn’t get his zero-day exploit to work within the allotted time.
At this edition of Pwn2Own (previously known as Pwn2Own Mobile), security researchers are targeting mobile phones, printers, routers, network-attached storage (NAS), smart speakers, TVs, external storage, and other devices, all up to date and in their default configuration.
The only exception to this rule is Western Digital’s 3TB My Cloud Home Personal Cloud NAS device, which still runs a beta software release.
The highest rewards are for devices in the mobile phone category, with cash prizes of up to $150,000.
Researchers can also get a $50,000 bonus if their iPhone or Pixel browser exploits will execute with kernel-level privilege, taking the maximum award for a single challenge to a total of $200,000.
This edition of Pwn2Own Austin’s consumer-focused event is also the first one to be extended to four days after 22 different contestants registered for 58 total entries. 
Billions more Android devices will reset risky app permissions
Mobile phishing attacks targeting energy sector surge by 161%
Sonos, HP, and Canon devices hacked at Pwn2Own Austin 2021
Android November patch fixes actively exploited kernel bug
Android spyware spreading as antivirus software in Japan
Not a member yet? Register Now
BlackMatter ransomware claims to be shutting down due to police pressure
Popular ‘coa’ NPM library hijacked to steal user passwords
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

Invisible characters could be hiding backdoors in your JavaScript code

HPE says hackers breached Aruba Central using stolen access keyFBI warns of…

Microsoft: New security updates trigger Windows Server auth issues

AMD fixes dozens of Windows 10 graphics driver security bugsVoid Balaur hackers-for-hire…

The Week in Ransomware – December 10th 2021 – Project CODA

New zero-day exploit for Log4j Java library is an enterprise nightmareALPHV BlackCat…

Here are the new Emotet spam campaigns hitting mailboxes worldwide

Windows 10 21H2 is released, here are the new featuresNew Rowhammer technique…