Trend Micro’s Zero Day Initiative encourages zero-day disclosure in latest mobile devices
DALLAS--(BUSINESS WIRE)--In the continued effort to thwart malicious attacks against consumers and enterprises, Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced the Zero Day Initiative’s Mobile Pwn2Own contest. This year’s event will take place Nov. 1-2, during the PacSec 2017 Conference in Tokyo, Japan. The contest rewards security researchers for demonstrating and disclosing zero-day attacks on the latest and most popular mobile devices.
Contestants will be awarded cash and prizes during the competition for vulnerabilities and exploitation techniques against the most up-to-date patches in popular mobile platforms. This year’s targets include the Apple iPhone 7, Samsung Galaxy S8, Google Pixel and Huawei Mate9 Pro. Following the contest, vendors will have 90 days to produce patches for these bugs, instead of the standard 120 disclosure window. This reflects the integrity of successful exploits produced during the contest. As these are practical vulnerabilities with demonstrated applications, a shortened patch window helps provide quicker protection for the end user against potentially damaging bugs.
“This contest embodies Trend Micro’s leadership in encouraging and facilitating the discovery of zero-day vulnerabilities,” said Mike Gibson, vice president of threat research for Trend Micro. “Rewarding responsible disclosure of these bugs promotes our overarching goal of making everyone safer online. Researchers participating in the contest gain notoriety and can win a significant amount of money, and vendors are given the opportunity to patch zero-day vulnerabilities that might have otherwise wreaked havoc on their systems.”
To emphasize the importance of vigilance against these threats and responsible disclosure, this year’s event offers larger prizes than ever before, with a prize pool of more than US$500,000. The contest consists of four categories including browsers, short distance and WiFi, messaging and baseband, which is returning this year. A complete list of targets and prizes are listed below:
Master of Pwn
|Samsung Internet Browser||$30,000 (USD)||8|
|Short Distance and WiFi||Bluetooth||$40,000 (USD)||8|
In addition to the standard categories and prizes, there are add-on bonuses for executing code with kernel privileges and having the payload persist after a reboot. These bonuses will help contestants reach the coveted title, “Master of Pwn,” by adding additional points to their running total from each successful exploit.
To learn more about Mobile Pwn2Own, please visit: https://www.zerodayinitiative.com/blog/2017/8/24/mobile-pwn2own-2017-returns-to-tokyo.
About Trend Micro
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world’s most advanced global threat intelligence, Trend Micro enables organizations to secure their journey to the cloud. For more information, visit www.trendmicro.com.