Almost 300K Awarded For ICS 0day Exploits

The ZDI team brought Pwn2Own to ICS with Pwn2Own Miami at S4x20. They awarded almost $300K to researchers who were able to find and exploit 0day vulnerabilities in important ICS applications. Applications such as HMI and EWS from Rockwell Automation and Schneider Electric, OPC UA, TMW’s DNP3 stack and more.

In this episode I talk with Brian Gorenc and Abdul-Aziz Hariri about the competition. Why they do it? What it achieves? And what happened?

0:00 My brief discussion on which patches matter and which don’t

8:12 My interview with Brian and Abdul

47:47 ZDI’s video wrap up of the event

Tweet Me! @digitalbond
Friday Newsletter: https://mailchi.mp/f53b1c8c2da0/friday