hacked-in-seconds-flash-safari

Short Bytes: PwnFest 2016 has become a death call for many software vendors. The hackers have managed to take down Apple’s Safari web browser in 20 seconds using a root privilege escalation zero-day. Another team managed to compromise Adobe Flash using an exploit that took just 4 seconds to run.

At PwnFest 2016, many well-known (and amateur) security researchers come together and try to hack different software. The winners get cash prize and the software developers get information about their vulnerabilities. We’ve already told you about the 18-second Microsoft Edge hack and here we’re going to tell you about another web browser.

At the event, Apple’s updated Safari web browser, running on macOS Sierra, was also compromised. This hack was carried out by a renowned Chinese hacker group Pangu Team which regularly releases million-dollar iOS jailbreaks for free.

Pangu Team, along with hacker JH, managed to hack Apple’s Safari web browser with a root privilege escalation zero-day. This exploit took 20 seconds to run and the team won $80,000.

Apart from Safari, Adobe Flash, infamous for its repeated security risks, too wasn’t spared. Chinese security firm Qihoo 360 shattered Flash with an exploit that took just four seconds to complete its job.

Qihoo used a combination of a decade-old zero day and win32k kernel flaw to win $120,000, The Register reports.

Did you find this article helpful? Have something else to add? Don’t forget to drop your feedback in the comments section below.

Also Read: Facebook Buys Your Leaked Passwords From Black Markets, Here’s Why