Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive

January 26, 2024 at 03:51AM Cybersecurity researchers and bug bounty hunters earned over $1.3 million from hacking Teslas, EV chargers, and infotainment systems at the Pwn2Own Automotive competition. The Synacktiv team won, earning $450,000 by exploiting vulnerabilities. ZDI is preparing for Pwn2Own Vancouver 2024, with a prize pool exceeding $1 million. Last year’s competition in … Read more

Pwn2Own 2024: Tesla Hacks, Dozens of Zero-Days in Electrical Vehicles

January 25, 2024 at 03:52PM Researchers at Pwn2Own 2024 in Tokyo compromised multiple electric vehicle chargers, operating systems, and Tesla components, uncovering numerous zero-day vulnerabilities. They earned $722,500 in winnings on the first day alone. Synacktiv’s notable achievements include exploits of various EV charging stations and Tesla systems, highlighting the growing complexity and security concerns … Read more

Tesla Hack Earns Researchers $100,000 at Pwn2Own Automotive

January 25, 2024 at 11:48AM The Pwn2Own Automotive hacking contest at the Automotive World conference in Tokyo has concluded its second day, with overall earnings exceeding $300,000. The Synacktiv team leads with $430,000, notably earning for exploiting Tesla systems. Additional awards were granted to other successful hacking attempts. Day three will involve further hacking attempts. … Read more

Tesla hacked again, 24 more zero-days exploited at Pwn2Own Tokyo

January 25, 2024 at 10:50AM During the Pwn2Own Automotive 2024 hacking contest in Tokyo, Synacktiv Team demonstrated 24 unique bugs, earning $382,500. They hacked the Tesla infotainment system and Automotive Grade Linux, collecting a total of $435,000. The competition focuses on automotive technologies and vendors have 90 days to release security fixes after the event. … Read more

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

January 24, 2024 at 08:38AM During the first day of Pwn2Own Automotive 2024, security researchers hacked Tesla Modem and other devices, earning a total of $722,500 in awards, with Synacktiv Team securing $100,000 by exploiting three zero-day bugs. They also hacked EV charging stations, earning an additional $120,000, and the NCC Group EDG team won … Read more

CISA: Critical Microsoft SharePoint bug now actively exploited

January 12, 2024 at 02:47PM CISA warned of active exploitation of critical Microsoft SharePoint vulnerabilities, including CVE-2023-29357, which allows attackers to gain admin privileges using spoofed JWT tokens. When chained with another bug, remote code execution is possible. These exploits have gained attention after a successful demo at the Pwn2Own contest, leading to the release … Read more

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

January 12, 2024 at 02:03AM The U.S. CISA added a critical security vulnerability in Microsoft SharePoint Server to its catalog, noting evidence of active exploitation and the availability of patches from Microsoft. Security researcher Nguyễn Tiến Giang demonstrated an exploit at a hacking contest, with federal agencies advised to apply the patches by January 31, … Read more

Hackers Earn $400k on First Day at Pwn2Own Toronto 2023

October 25, 2023 at 12:16PM The Pwn2Own Toronto 2023 hacking contest started and participants successfully hacked various devices, earning over $400,000 on the first day. Team Orca of Sea Security earned the highest reward of $60,000 by exploiting vulnerabilities in the Sonos Era 100 speaker. Other devices targeted included the Samsung Galaxy S23, Western Digital’s … Read more