Pwnie award shortlists announced
The shortlists have been announced for this year's Pwnie awards.
The awards are set to be presented at an event to coincide with this year's Black Hat USA conference in Las Vegas, Nevada next week. A total of nine awards will be presented for best server-side bug, best client-side bug, best privilege escalation bug, most innovative research, most epic fail, epic 0wnage and ‘lamest vendor response'.
Sony has received five nominations for Pwnie for ‘Most Epic Fail', including one nomination for releasing ‘a significant number of their network security team'.
In the nominations for the Pwnie for ‘Epic 0wnage', that ‘goes to the hackers responsible for delivering the most damaging, widely publicised or hilarious 0wnage', are Anonymous for hacking HBGary, LulzSec for hacking everyone, Stuxnet and Bradley Manning and WikiLeaks.
An award will also be given to ‘best song' and videos can be seen on the official website http://pwnies.com/nominations/.
At last year's awards, the award for best server-side bug went to Apache Struts2 framework remote code execution (CVE-2010-1870), while the best client-side bug went to Java trusted method chaining (CVE-2010-0840).
The awards for best privilege escalation bug went to Windows NT #GP trap handler (CVE-2010-0232), and for most innovative research to Dionysus Blazakis for Flash Pointer inference and JIT spraying. The Pwnie for ‘most epic fail' went to the Microsoft Internet Explorer 8 XSS filter, which was released with built-in cross-site scripting filters that, for nearly a year after release, enabled cross-site scripting on otherwise secure sites.