The CanSecWest security conference in Vancouver last week included technical presentations on bypassing ASLR and DEP and the intricacies of Android research, as well as a fascinating talk on the red team exercises Facebook’s security team runs. We put together some scenes from the show and Vancouver itself.
Microsoft reports that a 15-month-old Internet Explorer exploit has been included into the Cool Exploit Kit. The bug was first exploited at the 2012 Pwn2Own contest.
Details have been disclosed about vulnerabilities exploited in Chrome and Java during the Pwn2Own contest.
UPDATE – In an unexpected turn, Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago.The popular hacker contest attracted researchers from all over who were targeting all the major browsers, as well as third-party software such as Flash and Java.