{"id":392260,"date":"2017-08-29T04:08:07","date_gmt":"2017-08-28T20:08:07","guid":{"rendered":"https:\/\/www.macrumors.com\/2017\/08\/28\/pwn2own-mobile-targets-iphone-7\/"},"modified":"2017-08-29T04:08:07","modified_gmt":"2017-08-28T20:08:07","slug":"mobile-pwn2own-contest-offering-up-to-100000-reward-for-ios-vulnerabilities","status":"publish","type":"post","link":"https:\/\/people.utm.my\/asmawisham\/mobile-pwn2own-contest-offering-up-to-100000-reward-for-ios-vulnerabilities\/","title":{"rendered":"Mobile Pwn2Own Contest Offering Up to $100,000 Reward for iOS Vulnerabilities"},"content":{"rendered":"<p>Japanese cybersecurity company Trend Micro today <a href=\"http:\/\/newsroom.trendmicro.com\/press-release\/events\/trend-micro-offers-more-us500000-mobile-pwn2own-2017\">announced<\/a> its sixth annual <a href=\"https:\/\/www.zerodayinitiative.com\/blog\/2017\/8\/24\/mobile-pwn2own-2017-returns-to-tokyo\">Mobile Pwn2Own competition<\/a> will be held at this year&#8217;s <a href=\"https:\/\/pacsec.jp\/\">PacSec security conference<\/a> in Tokyo on Wednesday, November 1 and Thursday, November 2.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.macrumors.com\/article-new\/2017\/08\/pwn2own-mobile.jpg\" alt=\"\" width=\"523\" height=\"309\" class=\"aligncenter size-full wp-image-584596\"\/><br \/>The competition is part of Trend Micro&#8217;s <a href=\"https:\/\/www.thezdi.com\/\">Zero Day Initiative<\/a>, a program for rewarding security researchers for responsibly disclosing vulnerabilities to companies like Apple, Google, Samsung, and Huawei.<\/p>\n<p>This year, targeted devices include the iPhone 7, Samsung&#8217;s Galaxy S8, Google&#8217;s Pixel, and Huawei&#8217;s Mate 9 Pro, each of which will be running the latest version of iOS or Android respectively with up-to-date security fixes.<\/p>\n<p>Trend Micro is making more than $500,000 available to be won, with the cash prizes available varying by type of exploit. Mobile Safari exploits, for example, are worth up to $40,000, while an SMS-based vulnerability could net $60,000.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.macrumors.com\/article-new\/2017\/08\/trend-micro-mobile-pwn2own.jpg\" alt=\"\" width=\"614\" height=\"437\" class=\"aligncenter size-full wp-image-584565\"\/><br \/>In addition to the standard categories and prizes, there are add-on bonuses of between $20,000 and $50,000 for executing code with kernel privileges and having a smartphone operating system&#8217;s payload persist after a reboot.<\/p>\n<p>Apple representatives have attended Pwn2Own competitions in the past, with all vulnerabilities made aware to them. Apple will have 90 days to produce patches for any iOS-related bugs before they are disclosed.<\/p>\n<p>Earlier this year, at the 10th anniversary Pwn2Own competition, security researchers uncovered <a href=\"https:\/\/www.macrumors.com\/2017\/03\/16\/researchers-macos-safari-exploits-pwn2own-2017\/\">macOS Sierra vulnerabilities<\/a>, including a Safari exploit which allowed them to scroll a message on a MacBook Pro&#8217;s Touch Bar.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Japanese cybersecurity company Trend Micro today announced its sixth annual Mobile Pwn2Own competition will be held at this year&#8217;s PacSec security conference in Tokyo on Wednesday, November 1 and Thursday, November 2. The competition is part of Trend Micro&#8217;s Zero Day Initiative, a program for rewarding security researchers for responsibly disclosing vulnerabilities to companies like [&hellip;]<\/p>\n","protected":false},"author":5817,"featured_media":392261,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[25],"tags":[68,69,59,26],"class_list":["post-392260","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-apple","tag-macrumors","tag-media","tag-technology"],"_links":{"self":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/posts\/392260","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/users\/5817"}],"replies":[{"embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/comments?post=392260"}],"version-history":[{"count":0,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/posts\/392260\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/media\/392261"}],"wp:attachment":[{"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/media?parent=392260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/categories?post=392260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/people.utm.my\/asmawisham\/wp-json\/wp\/v2\/tags?post=392260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}