FORTUNE -- Everybody's Web software got "pwned" at the Pwn2Own hackers conference this week: Apple's (AAPL) Safari, Google's (GOOG) Chrome, Microsoft's (MSFT) Internet Explorer, Mozilla's Firefox and Adobe's (ADBE) Reader and Flash.
Chrome was hacked by a French team from Vupen Security with a use-after-free vulnerability that affects both the WebKit and Blink rendering engines.
Safari was defeated by Liang Chen, one of a pair Chinese Keen Team hackers, using a heap-overflow-and-sandbox-bypass combination that took three months to perfect.
"For Apple, the OS is regarded as very safe and has a very good security architecture," Chen told ThreatPost's Michael Mimoso. "Even if you have a vulnerability, it's very difficult to exploit. Today we demonstrated that with some advanced technology, the system is still able to be pwned. But in general, the security in OS X is higher than other operating systems."
In a separate interview with CNET, Chen said that OS X is harder to attack than iOS 7.0 because Apple issues security updates for its desktop operating system more frequently than for its mobile OS.
The two-day event, sponsored by Hewlett-Packard (HPQ) and organized by the HP-owned Zero-Day Initiative, paid out $850,000 in prize money to eight teams of competitors, plus another $82,500 in charitable donations. The event was staffed by observers from Apple and the other companies, which will presumably now start patching those holes.
"I think the Webkit fix will be relatively easy," Chen told Mimoso. "The system-level vulnerability is related to how they designed the application; it may be more difficult for them."
CORRECTION: An earlier version of this story had the prize money wrong. Keen Team won $62,500 for pwning Safari and another $75,000 for an Adobe Flash exploit for a total of $137,500. Source: Pwn2Own 2014: Rules and Unicorns
Author Peter W. Singer on the cybersecurity issues threatening the American economy.
By Clay Dillow
FORTUNE -- "Ninety-seven percent of Fortune 500 companies have been hacked," says Peter W. Singer, "and likely the other 3% have too, they just don't know it." Such is the less-than-rosy picture painted by Singer -- director of the Center for 21st Century Security and Intelligence at D.C. think tank Brookings Institution and bestselling author of MOREJan 6, 2014 12:13 PM ET
A hacker calling himself "Mauritania Attacker" listed the names and some account information (no passwords) of 15,000 Twitter users. It's probably a good idea for users to clean up their apps.
FORTUNE -- A hack of Twitter exposing thousands of usernames and associated third-party access tokens appears not to have done any real damage, but it has made a lot of people realize how many third-party apps they have authorized, inspiring MOREDan Mitchell, contributor - Aug 20, 2013 3:28 PM ET
Kevin Mandia, who uncovered Chinese hacking, describes how he stumbled onto one of the largest domestic security breaches ever.
FORTUNE -- When 42-year-old Kevin Mandia went public last February with a 60-page report detailing the Chinese theft of American trade secrets, the move propelled his cybersecurity firm Mandiant to the forefront of a national security fire storm.
The story of how Mandia discovered one of America's largest security breaches ever -- and MOREJP Mangalindan, Writer - Jul 24, 2013 7:34 PM ET
Are China's hacker attacks and its anti-Apple campaign both preludes to a trade war?
FORTUNE -- Hillary Clinton and Admiral Mike Mullen. The nuclear weapons labs at Los Alamos and Oak Ridge. The U.S. Departments of Homeland Security, State, Energy and Commerce. The Wall Street Journal and the New York Times. Lockheed Martin, Dow Chemical and Coca Cola. Adobe, Yahoo and Google
That, according to an alarming (and alarmingly hawkish) article in the Wall Street Journal's weekend edition, is a partial MOREPhilip Elmer-DeWitt - Mar 31, 2013 8:02 PM ET
The programming platform Oracle inherited from Sun continues to plague Apple
FORTUNE -- "Java's not worth building in," Steve Jobs told the New York Times' John Markoff in 2007. "Nobody uses Java anymore. It's this big heavyweight ball and chain."
To Jobs' regret, Java did not disappear. The write-once-run-anywhere programming platform that Sun Microsystems developed and Oracle (ORCL) inherited continues to drag Apple (AAPL) down.
On Tuesday, with foreign hacker attacks on U.S. MOREPhilip Elmer-DeWitt - Feb 20, 2013 6:30 AM ET
For reasons unclear, the online store was not responding Wednesday morning
[UPDATE: As of 11:10 a.m. EST the store seems to be functioning properly. No new products that I can see. Never did get an explanation from Apple PR.]
[UPDATE 2: As of noon EST, the site seems to be misbehaving again. Still no word out of Apple.]
[UPDATE 3: Reader Mehdi Daoudi of Catchpoint Systems reports that the site had fully recovered MOREPhilip Elmer-DeWitt - Aug 17, 2011 9:51 AM ET
With hackers running riot on the Internet, here's how you can get paid to stop them.
By Alex Konrad, contributor
FORTUNE -- Don't let the headlines about New Corp.'s (NWSA) recent phone follies give you the wrong idea about hacking: Cyber crime is only getting more complex and dangerous, but it is creating new jobs for people who want to fight it. Recent high-profile hacks of government sites, Citigroup (C), and Sony MOREJul 22, 2011 5:00 AM ET
The vulnerability of 225 million iTunes credit card accounts has been grossly exaggerated
The headlines over the July 4th weekend were pretty scary.
Wall Street Journal: "Computer-Hacking Group Targets Apple In Latest Attack"
Financial Times: "Hackers Claim Attack on Apple Server"
Gizmodo: "Apple Is Latest Company To Feel the Might of AntiSec's Hacking Power"
Coming less than a month after Steve Jobs unveiled Apple's (AAPL) iCloud project, the reports had a predictably unsettling effect.
"WOW," wrote MOREPhilip Elmer-DeWitt - Jul 4, 2011 8:29 AM ET
It's hard to get a handle on the hacker community, but here's a look at the range of people -- from lone geeks to organized governments -- who could be behind recent security breaches.
FORTUNE -- The recent hacking headlines make it seem like we're in the middle of a cyberwar: In the past few weeks, there have been revelations of security breaches at organizations including Citigroup, Sony, the IMF, and MOREShelley DuBois, writer-reporter - Jun 16, 2011 1:58 PM ET
|Where you live plays a big role in your total income tax bill|
|5 people you might not tip (but should)|
|Many recalled cars won't be repaired|
|Medicare pays doctors less than private insurance|
|When she earns more than he does - More Money|