The 2021 Tianfu Cup, China’s largest hacking competition, was successfully completed last weekend, replicating the success of the Pwn2Own tournament. These tournaments announce targets a few months in advance and award prize dollars for specific hacking successes. A number of commonly used systems such as Windows 10, Ubuntu 20, and iOS 15 were hacked by Chinese security researchers using newly developed zero-day vulnerabilities demonstrated publicly for the first time during the tournament. These included a zero interaction RCE vulnerability in iOS 15 as well as a two-step arbitrary remote code execution in Google Chrome.
Detecting Backdoor Attacks By Sean Fernandez | Threat Researcher | Binary Defense In part 3