http://pwnies.com/nominations/
Nominations for Pwnie Awards 2011
Pwnie for Best Server-Side Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting server-side bug. This includes any software that is accessible remotely without using user interaction.
http://www.darkreading.com/blog/227700891/pwnie-awards-bring-fame-and-shame.html
Getting Root On The Human Body
Black Hat researcher shows it is possible to remotely control a diabetic's insulin pump without the person's knowledge
A researcher who discovered a fundamental design flaw in the kernel of the Windows operating system says the software giant has done a good job of patching so far, but it's likely that more vulnerabilities will emerge before its work is done.
Mandt, who discovered the fundamental flaws in the 15-year-old Win32.sys operating environment, will present his findings on Windows kernel vulnerabilities in a talk that will be presented at Black Hat USA.
The vulnerabilities -- and Mandt estimates there could be hundreds of them -- generally are the result of a function in the Win32k graphical user interface called user-mode callbacks, a mechanism that allows the kernel to make calls back into user-mode. User-mode callbacks enable the operating system to do a variety of tasks, such as invoking application-defined hooks, providing event notifications, and copying data to or from user-mode.
http://www.darkreading.com/security/news/231300227/pwnie-awards-names-winners.html
presenter Dino Dai Zovi gleefully took the hatchet to Sony when he presented the company with the award for Most Epic Fail
"I know we all have our favorites in this list, but there were a few wildcards in there," he joked, going on to list a number of Sony's failures, including its harassment of researcher GeoHot for his release of the PS3 jailbreak, the loss of millions of credit-card holder details in its massive data breach, and the layoff of many within its network security team just before finding out about the breach.
RSA was also on the hit list, lambasted for its handling of the SecurID breach incident. For that it won the award for Lamest Vendor Response.
The award panel took it to task over Tarjei Mandt's discovery of 40-odd Windows kernel win32k user-mode callback vulnerabilities, winning the company the Best Privilege Escalation Bug award. And presenter Mark Dowd made a sideways joke at the American government's rumored involvement in the development of the Stuxnet malware when he granted the Trojan the Epic 0wnage award.
Vulnerabilities in the increasingly popular chip-and-PIN authentication technology used in credit cards could make it easy for attackers to steal data at the point of sale, a researcher says.
Attack of the Apple laptop battery: Vulnerability could be used to install malware
The new MacBook Airs have arrived to some rave reviews, but here’s a scary thought: a security researcher says that Apple’s laptop batteries are vulnerable to potential attacks that could plant malware or even be rigged to damage the laptop. The researcher in question is Charlie Miller, who has won the annual Pwn2Own contest four times with his Mac OS X and iOS exploits, so he knows what he’s talking about.
Miller found that Apple gives the same password to the logic chip that allows Apple to send out battery firmware updates. The problem is that this opens the door for malicious crackers who could potentially alter that firmware and do a lot of mischief. Here’s the scoop from the Security News Daily:
http://www.securitynewsdaily.com/apple-laptop-battery-hack-0990/
Miller reverse-engineered the Apple battery firmware ("bricking," or permanently damaging, seven of the $130 batteries in the process) and discovered how to alter it to send false readings to the laptop user, to damage the battery or even to serve as a hidden repository for malware.
"You could put a whole hard drive in, reinstall the software, flash the BIOS and every time it would re-attack and screw you over," Miller told Greenberg. "There would be no way to eradicate or detect it other than removing the battery."
The greater problem
Could the firmware be rigged to make the battery explode? Miller found that the Apple batteries had built-in fuses to prevent serious overheating, but there's no guarantee counterfeit batteries would have such safeguards.
Miller has written a patch — he's calling it "Caulkgun" — for the Apple battery vulnerability and will release it at Black Hat.
For malicious hackers, it's just a matter of finding out what those passwords are.