• POLITICS
  • SCIENCE
    • Astronomy
    • Physics
    • Biology
    • Geology
    • Environment
    • Medicine and Health
    • Sociology
    • Psychology
  • MOVIES & TV SHOWS
  • TECHNOLOGY
    • Artificial Intelligence
    • Virtual Reality
    • Bionics
    • Nanotechnology
    • Engineering
    • Robotics
    • Space Exploration
    • Transport
    • Industry and Service
  • GADGETS
    • Mobile Devices
    • Wearables
    • Consoles
    • Hi-Tech
  • GEEK CULTURE
    • Gaming
    • Comics
    • Thingamajigs
  • MUSIC
  • SOFTWARE
    • APPS
      • Android
      • iOS
      • Windows
  • HARDWARE
  • CARS
  • REVIEWS
  • Advertise
  • Geek Reply Jobs
  • Contact Us
Geek Reply
  • HOME
  • Editorials
  • Geek Squad
  • GeekReply Jobs
  • Contact Us
  • Facebook

  • Twitter

  • Google+

  • LinkedIn

  • RSS

Conventions

Pwn2Own and 360Vulcan: the interview

Pwn2Own and 360Vulcan: the interview
blank
John Cusack
March 27, 2015

Last week there was a big event for hackers from across the world, called Pwn2Own. Pwn2Own was held in Vancouver and teams of hackers and security professionals participated in order to show their hacking skills when it comes to internet browsers. One of the most amazing accomplishments at Pwn2Own came from 360Vulcan, the 360Safeguard team, who managed to tear down Internet Explorer 11 in just 17 seconds, through exploitation, and of course preparedness. Because Geek Reply is always interested in how these feats are accomplished and because we know that our readers want to get to know the people that are behind such accomplishments, we’ve brought you a surprise.

The 360Vulcan Team, lead by Mr. Wenbin Zheng, agreed to answer a few of our questions about the proud team and the Pwn2Own competition. Below, you’ll find the few questions I’ve asked the team and their responses, unedited. Although we would have liked to get more dirt on IE and the other browsers that the 360Vulcan Team works on, we did manage to find out that the young team from China is excellent at what they do: hacking. Congratulations to the team and we’re looking forward to their future accomplishments! Find out how they did it and what else they’re doing from the answers they gave below.

360vulcan-team-at-pwn2own-official-winners

The 360Vulcan team won $32.500 at Pwn2Own

As for a little background, the 360Vulcan Team who took to Pwn2Own are from 360Safeguard, which is a security software kit that offers up mobile security, as well as desktop, browser and any other type of antivirus, antimalware and anti-threat software you can think of. Most everything they offer is free, so if you think having software designed by professionals who can hack IE 11 in 17 seconds is a good thing, you can go ahead and try out what they’re offering and let us know what you think about it.

Charlotte: What were your goals and aims when entering the Pwn2Own hacking competition?

Wenbin Zheng: By participating in Pwn2Own, we hope to do deep research on the browser security protection and vulnerabilities exploitation. We hope to hone our skills by taking part in this high difficulty challenge. And it is also an opportunity for reflecting technical capabilities of our team, and have chance to communicate with other International security teams.

Ch: How did you manage to hack Internet Explorer 11 so fast and what were the things that you exploited?

Wenbin Zheng: In the competition, we use the prepared exploit page, and took down IE browser in only 17 seconds. Though the time of exploiting target is short, but behind the success was a long-term process of accumulation and research. In order to take down IE 11 browser, we needed to exploit multiple 0day vulnerabilities, also we needed to defeat many security mitigations such as DEP, ALSR, Control Flow Guard, Isolated Heap, Protected Free and EPM. What’s more, as required in this contest, we had to use the 64-bit process (present in non-default configuration), and it was also an obstacle that forbidden to implement the attack by log off or restarting system.

Ch: What do you think about Microsoft’s Project Spartan replacing Internet Explorer in Windows 10?

Wenbin Zheng: Judging from current news, Microsoft may recommend users to use the Spartan browser. Because of its redesign, Spartan browser has significant improvements in its browser security. But IE browser will not be entirely replaced, since it is still the preferred choice for enterprise users. So the security of Internet Explorer is still critical. For ordinary users, it is a good thing, but it means a new challenge for researchers who work on vulnerabilities exploitation. However even the best security defense can be compromised by security professionals, Spartan is no exception.

Ch: How can you describe the 360Vulcan team and their relationship with 360Safeguard?

Wenbin Zheng: 360Vulcan Team is from 360 Safeguard team, usually works in different groups, major members from 360 Safeguard vulnerabilities research and defense team.

Ch: How have you been collaborating with Microsoft, Google and others over the years regarding browser security?

Wenbin Zheng: We have been working closely with Microsoft, Google and other vendors while working on their browsers or systems security, and provided lots of 0day vulnerabilities or patches before. In the past five years, we have received 68 official acknowledgements from Microsoft for reporting IE security vulnerabilities or Kernel vulnerabilities.

Ch: Why would you recommend 360Safeguard for internet users?

Wenbin Zheng: We bring our experiences, technologies and wisdom on security defense together to 360 Safeguard, we hope that more people can use our products, and better use our abilities to protect their network security.

Ch: What projects is 360Vulcan and 360Safeguard working on for the future that would interest our readers and internet users?

Wenbin Zheng: In the future, 360Vulcan Team will still focus on the security vulnerabilities exploitation and defense technologies of software and system, to seek new technologies and challenges. 360Safeguard Team will better use and combine our research achievements, to better applying into our security products.

Ch: How do you think hacking as a skill benefits security professionals and software developers?

Wenbin Zheng: Hacking as a skill benefits the software vendors and security companies to constantly improving and perfecting the defense technology. Only with a deeper understanding of attack techniques can make security professionals and software developers know how to avoid security problems, design better security products in depth.

Post Views: 243
W3Schools
Related Items360Safeguard360VulcanInternet ExplorerInterviewPwn2Own
Conventions
March 27, 2015
blank
John Cusack

As part of the editorial team here at Geekreply, John spends a lot of his time making sure each article is up to snuff. That said, he also occasionally pens articles on the latest in Geek culture. From Gaming to Science, expect the latest news fast from John and team.

Related Items360Safeguard360VulcanInternet ExplorerInterviewPwn2Own

More in Conventions

Transylvania Comic Con

Transylvania Comic Con kicks off in exactly two weeks

Matt DavisOctober 4, 2019
Read More
Transylvania ComicCon

Less than three weeks to go until Transylvania ComicCon

Violet LittleSeptember 30, 2019
Read More
mmorpg

The 5 best MMORPG games you can play right now

Matt DavisFebruary 28, 2019
Read More
Brony

The Brony Fandom has an Image Problem

Ule LopezFebruary 19, 2018
Read More
Expo

GG Expo: The First eSports Convention Announced

Ule LopezOctober 24, 2017
Read More
blank

New York Comic Con has Video Game Demos Too, Ya Know

Aaron GreenbaumOctober 10, 2017
Read More
blank

NYCC Panelists Have Sound Advice on Writing Characters with Disabilities

Aaron GreenbaumOctober 9, 2017
Read More
blank

Marvel Ends NYCC with Panel Announcing Marvel HQ Youtube Channel

Aaron GreenbaumOctober 9, 2017
Read More
blank

Agents of S.H.I.E.L.D. Will Fight Aliens in Outer Space During Season Five

Aaron GreenbaumOctober 7, 2017
Read More
Scroll for more
Tap
  • Popular

  • Latest

  • Comments

  • blank
    Orlando Bloom and David Harbour Share the Gran Turismo movie’s first trailer
    GamingJanuary 5, 2023
  • blank
    The highlight of the PSVR2 demo at CES was Horizon Call of the Mountain
    GamingJanuary 5, 2023
  • blank
    For Years, Sony Has Been Developing an Accessibility Controller for the PS5
    GamingJanuary 5, 2023
  • blank
    Remake of Silent Hill 2 Dev is “Very Safe” with Any Changes
    GadgetsJanuary 5, 2023
  • blank
    iPhone 14 – 10 LEAKED Features!
    GadgetsJanuary 20, 2022
  • Stellar Data Recovery Professional for Mac
    Stellar Data Recovery Professional for Mac- It can surely save the day
    ReviewsSeptember 26, 2019
  • blank
    PS5 in its Actual Size Seen Being Installed in Dubai
    ConsolesFebruary 1, 2023
  • blank
    According to a Digital Foundry Analysis, Dead Space PS5 is the “best-in-class” game
    ConsolesFebruary 1, 2023
  • blank
    Steel Seed, a stealth action game, has a moody PS5 announcement trailer
    GamingFebruary 1, 2023
  • blank
    On the first anniversary, Dying Light 2 Support is Detailed and the Dying Light Series Ships 30 Million
    ConsolesFebruary 1, 2023
  • blank
    Ule || TSR says:

    That is far from the intention in this article. Especially…

  • blank
    Romuska Palo Ur Laputa says:

    Most of the characters became unlikable and regressed backwards, the…

  • blank
    reversalmushroom says:

    Lauren Faust has not been part of My Little Pony…

  • blank
    reversalmushroom says:

    Like what?

Geek Reply

Greetings techies! We are Geek Reply, a website whose main goal is to bring you all the latest news and updates from within the industry and beyond. What can you expect to find here?

Professional journalism coupled with expository writing for the most part, but we also give our honest opinion or throw in a pinch of humor for good measure when we deem it necessary. Our team is comprised of enthusiasts from across a wide variety of fields ranging from smartphone junkies to camera nerds, and everything in between. But perhaps you were looking for your daily dose of science news or hoping to read about the latest apps. If that’s the case, don’t worry, you came to the right place.

GeekReply Secured with GeekReply Scured
Nintendo Switch GeekReply

Copyright © 2022 GeekReply - Webdesign & Marketing - iPublicitate

Mortal Kombat X trailer is being created with help from System of a Down
Doctor Who and Game of Thrones crossover is now one step closer