White Hat Hackers Find Flaws in Tesla, Chrome, Safari, Windows 11 Software | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

[ad_1]

Ethical hackers have found exploits in Tesla’s software as well as in major web browsers like Apple’s Safari, Google Chrome, and Microsoft Edge Wednesday, earning them thousands of dollars each in the ongoing “Pwn2Own” hackathon.

A cybersecurity team at Synacktiv was able to exploit Tesla’s electronic control unit (ECU) with a single integer overflow attack, earning them $200,000 and a new Tesla Model 3 car at the event in Vancouver, Canada. Synacktiv’s Tesla exploit puts them at the top of the competition’s leaderboard.

Synacktiv has previously found Tesla software exploits at three prior hacking events, exploiting Tesla’s modem and infotainment system, to name a few. Tesla’s vulnerabilities were also exposed by a solo hacker back in 2022, who was able to gain remote control of 25 different Tesla cars in 13 countries.

A solo hacker known as Manfred Paul conducted a remote code execution (RCE) attack on Apple’s Safari browser Wednesday, winning $60,000 for the achievement. Paul also executed a double-tap exploit on Google Chrome and Microsoft Edge browsers, winning an additional $42,500 for his work during the event.

“Three browsers down, one to go,” Paul wrote on Twitter early Thursday, suggesting another browser exploit attempt could be on the horizon.

Another participant Seunghyun Lee was also able to execute an exploit on Google Chrome with just a single bug, netting $60,000 for their hack.

Another hacker known as AbdulAziz Hariri exploited Adobe Reader software via by finding a bug and conducting an API restriction bypass, allowing Hariri to complete a code execution attack. Hariri earned $50,000 for the ethical hack.

Recommended by Our Editors

And the Devcore Research team were able to find and use a couple of Windows 11 bugs to execute a local privilege escalation (LPE) attack, winning them $30,000 Wednesday.

Hacking can be a lucrative pursuit. Last year, the HackerOne bug bounty program announced that it’s paid out over $300 million to ethical hackers. But malicious hackers have also raked in ill-gotten gains, reportedly swiping over $1 billion last year alone via ransomware attacks.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

var facebookPixelLoaded = false;
window.addEventListener(‘load’, function() {
document.addEventListener(‘scroll’, facebookPixelScript);
document.addEventListener(‘mousemove’, facebookPixelScript);
})

function facebookPixelScript() {
if (!facebookPixelLoaded) {
facebookPixelLoaded = true;
document.removeEventListener(‘scroll’, facebookPixelScript);
document.removeEventListener(‘mousemove’, facebookPixelScript);

! function(f, b, e, v, n, t, s) {
if (f.fbq) return;
n = f.fbq = function() {
n.callMethod ?
n.callMethod.apply(n, arguments) : n.queue.push(arguments)
};
if (!f._fbq) f._fbq = n;
n.push = n;
n.loaded = !0;
n.version = ‘2.0’;
n.queue = [];
t = b.createElement(e);
t.async = !0;
t.src = v;
s = b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t, s)
}(window,
document, ‘script’, ‘//connect.facebook.net/en_US/fbevents.js’);

fbq(‘init’, ‘454758778052139’);
fbq(‘track’, “PageView”);
}
}

[ad_2]

——————————————————–


Click Here For The Original Story From This Source.

.........................

National Cyber Security

FREE
VIEW