Safari Browser was Cracked Twice on Hacking Contest Pwn2Own 2018


At the annual hacking contest Pwn2Own 2018 held on Wednesday, Trend Micro held a Zero Day Initiative (ZDI) event with two attacks against the Apple Safari browser, one of which was a success. According to the details shared by the blog, Samuel Groß from phoenhex succeeded in invading Safari with three BUG chains containing macOS privilege vulnerability.

Safari Browser was Cracked Twice on Hacking Contest Pwn2Own 2018

What is Pwn2Own?

At Pwn2Own, participating hackers are about cracking software under time pressure. If you succeed, you will receive a prize money. The vulnerabilities that hackers are using at this time are not yet publicly known. This is known as zero-day security vulnerability.

Pwn2Own hacking competition has been held since 2007, aiming at encourages hackers to discover and disclose a range of vulnerabilities that affect software and hardware, making it easier for manufacturers to fix them in time. Hackers can obtain cash rewards and master PWN integrals as long as they successfully display the exploit in the competition. From Safari to iPhone, many of Apple’s products have been the targets over the past 11 years, and the hacker made it successfully, including this year. Last year, the iPhone 7 was cracked by Richard Zhu.

Safari Browser was Cracked Twice

Three hackers Alex Plaskett, Georgi Geshev and Fabi Beterk who come from MWR laboratory, breaking the sandbox mode of Safari through two vulnerabilities, one was the heap buffer overflow vulnerability in the browser, and the other is the uninitialized stack variable vulnerability of the macOS. As the result, the team also received nearly $55,000 and five PWN points.

The second team who has broken the Safari is from Ret2 Systems Company, including members of Markus Gaasedele, Nick Burnett and Patrick Biernat, who took advantage of the macOS kernel to raise privilege vulnerabilities to attack Safari, but they didn’t really exploit the vulnerability until the fourth try.

Security researcher Richard Zhu, hacked Microsoft’s Edge and Mozilla’s Firefox. He got the most prize money (120,000 US dollars). Apple’s Safari has been hacked successfully by Samuel Gross.

The prize money on the Pwn2Own vary. Someone would have received $ 250,000 if he had cracked Microsoft’s Hyper-V virtualization solution within the given timeframe.

OneCast App Is Bringing Xbox One Game Streaming to Mac

OneCast App Is Bringing Xbox One Game Streaming to Mac

OneCast claims to be the world’s first Xbox One game streaming client for macOS, offering Mac owners a taste of what Windows 10 users have had access to for some three years.

OneCast App Is Bringing Xbox One Game Streaming to Mac

OneCast, which first introduced by Microsoft in 2015 at its Windows 10 event announcing support for using Windows 10 machines as a second screen for Xbox One over the same home network.
As we have mentioned earlier, while Windows 10 users have been enjoying the Xbox One game streaming on their device, Mac users have been working their way through several workarounds in order to score the same functionality. This includes making use of Parallels for Mac in an attempt to run the feature via Windows.

OneCast promises 1080p video throughput, “extremely low lag” and support for either full-screen or windowed viewing modes. An Xbox wireless controller can be connected to the Mac via USB or Bluetooth after a firmware install, and the app supports multiple Xbox user profiles, making it simple to use different Xbox One consoles or gamertags.

In addition to streaming from an Xbox One to a Mac sharing the same wireless network, OneCast supports remote connectivity features that let users play games from anywhere with an internet connection. The company notes play anywhere functionality requires manual configuration of a network router, specifically port forwarding settings.

OneCast offers a free 14-day trial, so you can give the service a shot and see how it works yourself. After, it’ll cost users $9.99 for a license, discounted from the full price of $20.
Click here to download OneCast  now.