HP TippingPoint DVLabs Signature Response - PacSec West 2013: Mobile Pwn2Own

It’s that special time of year again, when a barrage of hackers descend on Tokyo for PacSec West, and more specifically the mobile Pwn2Own competition hosted by HP’s own Zero Day Initiative.  DV Labs has always had a presence at the contest; however, this year we wanted to push the level of response and security coverage to a new high, writing and testing filters within hours of each phone being successfully exploited.  Currently, these filters are undergoing rigorous testing and quality assurance, and will be released in our upcoming weekly Digital Vaccine package (likely Tuesday, 11/19).  The contest was again a rousing success, with the iPhone 5, Galaxy S4, and Nexus 4 all falling victim to zero day exploits from a number of international contestants.  Please contact TippingPoint DV Labs with any telemetry information if the following filters fire in your deployment:

 

13362: ZDI-CAN-2050

13363: ZDI-CAN-2051

13364: ZDI-CAN-2052

13365: ZDI-CAN-2053

 

Additionally, we’ll be releasing updates to these filters for expanded coverage in the following weeks.  To read more about the contest details, a number of blog posts are available for perusal below.

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Steve Povolny manages the Digital Vaccine team at HP TippingPoint. The team is composed of security researchers and filter/signature develo...


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation