I recently came to know that hacker also get awards and that was really exciting as not only i will get to know which are the hacks that are new and famous but also will get to know the person behind those searches and what I found was really overwhelming…
The event was held on on Aug 3rd, 2016 in Las Vegas at the BlackHat USA security conference.
There were 16 categories to my surprise with different nominees…..
Best Server-Side Bug
Awarded to the researchers who discovered or exploited the most technically sophisticated and interesting server-side bug. This includes any software that is accessible remotely without using user interaction.
- Cisco ASA IKEv1/IKEv2 Fragmentation Heap Buffer Overflow (CVE-2016-1287) – David Barksdale, Jordan Gruskovnjak, and Alex Wheeler
- ImageTragick (CVE-2016–3714) – Stewie and Nikolay Ermishkin
- Stagefright via MMS (CVE-2015-1538) – jduck
- glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547)- Fermin J. Serna
- Apache Commons Collections Java Object Deserialization RCE in WebLogic and Everything Else In the World (CVE-2015-4852) – Matthias Kaiser, Stephen Breen with honorable mention to Chris Frohoff and Gabriel Lawrence
- Samsung Galaxy Edge Baseband Stack Overflow (CVE-2015-8546) – Daniel Komaromy and Nico Golde
Award was won by Cisco ASA IKEv1/IKEv2 Fragmentation Heap Buffer Overflow (CVE-2016-1287) – David Barksdale, Jordan Gruskovnjak, and Alex Wheeler
Best Client-Side Bug
Awarded to the researchers who discovered or exploited the most technically sophisticated and interesting client-side bug.
- MS16-006 Silverlight BinaryReader Out-Of-Bounds Write RCE (CVE-2016-0034) – Unkown
- glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547) – Fermin J. Serna
- MS15-131 Microsoft Office RCE Vulnerability (BadWinmail) (CVE-2015-6172) – Haifei Li
- MS15-078 OpenType Font Driver Vulnerability (CVE-2015-2426) – Mateusz ‘j00ru’ Jurczyk
- Stagefright via Web Browser (CVE-2015-1538) – jduck
Best Privilege Escalation Bug
Awarded to the researchers who discovered or exploited the most technically sophisticated and interesting privilege escalation vulnerability. These vulnerabilities can include local operating system privilege escalations, operating system sandbox escapes, and virtual machine guest breakout vulnerabilities.
And rest catogeroies and winners are
Best Cryptographic Attack –
Best Backdoor –
Best Junk Hack or Stunt Hack –
Best Bug Branding –
Epic Achievement -Mr Robot was also nominated (winner for me)
Most Innovative Research –
Lamest Vendor Response –
Most Overhyped Bug – By great margin and most obvious…
Best Song (Just to make it an Award eve i guess) –
Most Epic FAIL – No winner
Lifetime Achievement – Mudge
Epic Ownage –