Security Alerts & News
by Tymoteusz A. Góral

History
#2120 Virtual machine escape fetches $105,000 at Pwn2Own hacking contest
Contestants at this year's Pwn2Own hacking competition in Vancouver just pulled off an unusually impressive feat: they compromised Microsoft's heavily fortified Edge browser in a way that escapes a VMware Workstation virtual machine it runs in. The hack fetched a prize of $105,000, the highest awarded so far over the past three days.

According to a Friday morning tweet from the contest's organizers, members of Qihoo 360's security team carried out the hack by exploiting a heap overflow bug in Edge, a type confusion flaw in the Windows kernel and an uninitialized buffer vulnerability in VMware, contest organizers reported Friday morning on Twitter. The result was a "complete virtual machine escape."
Read more
#2124 Polish authorities confirm hack of Bitcurex bitcoin exchange, launch investigation
#2123 0day or feature? Privilege escalation / session hijacking all Windows versions
#2122 GitHub awards researcher $18,000 for remote code execution flaw discovery
#2121 Alert: Cisco IOS and IOS XE software Cluster Management Protocol remote code execution vulnerability
#2120 Virtual machine escape fetches $105,000 at Pwn2Own hacking contest
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12