The 2020 Tianfu Cup International Cyber ​​Security Competition has ended 34 participating teams staged a technical feast

2020-11-09 3061


On November 9 , the two-day "Tianfu Cup" 2020 International Cyber Security Competition and 2020 Tianfu International Cyber Security Summit Forum came to an end in Chengdu. 34 participating teams presented a wonderful network security technology feast in 2 days , Multiple award winners are also officially announced.

The "Tianfu Cup" International Cyber Security Competition has been held three times so far. The actual number of cracked projects and the number of participating teams in the competition have been increasing year by year. The participants of the 2020 Tianfu Cup Cybersecurity Competition include 34 teams from all over the world. The total number has reached a new high, and nearly 90% of them are new faces.

The reporter learned that the Tianfu Cup 2020 International Cyber Security Competition has set up three independent and parallel competitions, namely the original vulnerability demonstration recurrence competition, the product cracking competition and the system cracking competition.

Among them, the first two links are required parts of the cracking contest. Each participating team needs to choose one as the entry item when registering. The system cracking contest is set as an open competition link, which is provided on-site for interested players to crack.

A total of 10 teams were selected in the original loopholes recurrence competition, and 20 original loopholes were demonstrated on the Internet of Vehicles and smart home devices. A total of 24 teams in the product cracking competition started cracking 16 items.

In the 2020 "Tianfu Cup", the products that are determined to be cracked include:

IPhone11 Pro running iOS 14

Samsung Galaxy S20

Windows 10 v2004 (April 2020 version)

Ubuntu

Chrome

Safari

Firefox

Adobe PDF reader

Docker(Community Edition)

VMWare EXSi (hypervisor)

QEMU (emulator and virtualizer)

TP-link and ASUS router firmware

It is worth mentioning that this competition set a prize of 1 million US dollars, of which 90% of the prize money is used for the product cracking competition, and the remaining 10% of the prize money is used for the vulnerability demonstration recurrence competition. The bonus is dynamically adjusted according to the participating teams and vulnerability submissions. Distribution ratio.

In addition to the bonus, the competition will set up the best vulnerability demonstration award, the best vulnerability reproduction award, the best product cracking award (divided into first, second, and third prizes), the most valuable product cracking award and the successful cracking award of the system cracking competition. .

According to multiple media reports, the 360 Government and Enterprise Security Team (360 Government and Enterprise Security Vulnerability Research Institute, 360 Falling Leaves Zhiqiu, 360CDSRC) won the highest award of US$812,500. The award information of other teams is yet to be discovered.

In addition, the above-mentioned original cracked vulnerabilities have been submitted to relevant manufacturers, and the participating teams will also assist giant companies such as Google, Apple, and VMware to fix vulnerabilities as soon as possible for the products compromised in the competition.