The winners of the annual Pwnie awards were announced this week in Las Vegas.
Tying in with the Black Hat and Def Con conferences taking place in the city, a total of eight research-led awards were given out on the night. One was the lifetime achievement award, given to late researcher Barnaby Jack, who died in San Francisco days before he was due to present at Black Hat.
In the other awards, the Pwnie for Best Server-Side Bug was won by Ben Murphy for Ruby on Rails YAML, when multiple weaknesses in the parameter parsing code were revealed in January.
The award for Best Client-Side Bug, went to an unknown for an Adobe Reader Buffer Overflow and Sandbox Escape, while the Pwnie for Best Privilege Escalation bug went to David Wang and the evad3rs team for the iOS incomplete codesign bypass and kernel vulnerabilities (CVE-2013-0977, CVE-2013-0978 and CVE-2013-0981). This affected at least five million people when they switched their iPhone on.
The award for Most Innovative Research went to Mateusz Jurczyk and Gynvael Coldwind for identification and exploitation of Windows Kernel Race Conditions via Memory Access Patterns.
The Pwnie for ‘most epic fail' went to Hackin9 magazine for publishing a fake article, while the Pwnie for ‘epic 0wnage' went to Edward Snowden. Finally the award for best song went to Dual Core for ‘All the Things'.