Russian university student Sergey Glazunov was able to hack into a secure Windows 7 machine using a remote code execution exploit in Google’s Chrome web browser in five minutes, ZDNet reported Wednesday. The exploit was found during CanSecWest’s Pwnium hacker contest, a competition similar to the popular Pwn2Own contest. Google offered a total of $1 million dollar in prize money to hackers who could exploit the company’s Chrome web browser. Glazunov was rewarded $60,000 for his exploit, which fo...

In light of a WebKit vulnerability discovered at this year’s Pwn2Own conference in Vancouver, Research In Motion has issued a bulletin for its most security conscious customers. Affecting handsets running BlackBerry Device Software version 6.0 or higher, the exploit could allow an attacker to gain access to data stored on the media card or in the media storage area built into BlackBerry devices. RIM notes that the vulnerability does not grant attackers access to email, calendar, contact, or applicati...

Add Apple’s iOS and Research In Motion’s BlackBerry OS to the list of victims at this year’s Pwn2Own challenge. Conference veteran Charlie Miller, along with Dion Blazakis, deployed an exploit to iOS 4.2.1 through a vulnerability in Safari. By navigating to a custom-made webpage, the duo were able to execute remote code and gain access to the iOS address book. Vincenzo Iozzo, Willem Pinckaers, and Ralf Philipp Weinmann also utilized a WebKit-based vulnerability to take down a BlackBerry Torc...

Safari just got served. At this year’s Pwn2Own conference, security firms and enthusiasts are doing their very best to discover and deploy exploits to some of the world’s most popular browsers. Chrome, Firefox, Internet Explorer, and Safari, they’re all on the menu for conference attendees and some have definitely faired better than others. Google issued a challenge, promising $20,000 to any person or team that could crack Chrome on the conferences opening day, but the two teams scheduled ...

Smartphones might have proved to be a tough nut to crack at last year’s CanSecWest Pwn2Own, but the same cannot be said for 2010 as two European hackers were able to gain control of a stock iPhone’s SMS database. The hack, which takes 20 seconds to execute by having the iPhone visit an infected website, allows its SMS messages — including those which had been deleted — to be uploaded to a predetermined server. If that’s not enough to make paranoid iPhone users soil their pants,...

Hackers taking part in a friendly competition aimed at highlighting OS and software vulnerabilities did some real damage to a variety of computer-based web browsers — including Safari, which took all of 10 seconds to bust on a MacBook — but where smartphones are concerned, the hackers were stumped. The competition took place at CanSecWest in Vancouver, Canada and big cash prizes were up for grabs. In fact, each successful execution of an attack on a smartphone was worth a cool $10,000. Apparently ...