Winners of Pwnie Awards 2013
Pwnie for Best Server-Side Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting server-side bug. This includes any software that is accessible remotely without using user interaction.
Pwnie for Best Client-Side Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting client-side bug.
Adobe Reader Buffer Overflow and Sandbox Escape (CVE-2013-0641)
Just in time for last Valentine's day, FireEye found a sophisticated PDF attack in the wild that exploited Adobe Reader and escaped its sandbox. This exploit wanted to show its love for clipboard buffer lengths all in a pure-ROP payload.
Pwnie for Best Privilege Escalation Bug
Awarded to the person who discovered or exploited the most technically sophisticated and interesting privilege escalation vulnerability. These vulnerabilities can include local operating system privilege escalations, operating system sandbox escapes, and virtual machine guest breakout vulnerabilities.
According to statistics in February, the evasi0n exploit works for at least 5 million people every time they boot their iPhone. It bypasses code signing by interposing with an incomplete codesign bug in the dynamic loader. It bypasses user space ASLR by using the dynamic linker. It exploits an untrusted pointer in the kernel with some help from a heap info leak, the ARM data abort interrupt handler and some techniques by Tarjei Mandt and Mark Dowd.
Pwnie for Most Innovative Research
Awarded to the person who published the most interesting and innovative research in the form of a paper, presentation, tool or even a mailing list post.
Identifying and Exploiting Windows Kernel Race Conditions via Memory Access Patterns
The research consisted of two major parts: employing CPU-level OS instrumentation to locate potential double fetch vulnerabilities in the kernels of different operating systems, and discovering and testing practical means of exploiting such memory-bound race conditions in real-world scenarios. Not only is the topic interesting, but bochspwn was also used to find at least 37 vulnerabilities in the Windows kernel and drivers (plus some minor system crashes).
Pwnie for Best Song
What kind of awards ceremony does not have an award for best song?
All the Things
Something tells me that this song's chorus will be quite popular in Vegas this year...
Pwnie for Most Epic FAIL
Sometimes giving 110% just makes your FAIL that much more epic. And what use would the Internet be if it wasn't there to document this FAIL for all time? This award is to honor a person or company's spectacularly epic FAIL.
Nmap: The Internet Considered Harmful - DARPA Inference Checking Kludge Scanning
Quoting from the article published in Hackin9 magazine: "The concept of autonomous methodologies has been studied before in the literature. Next, the well-known framework by David Johnson et al. does not store Smalltalk as well as our method. Further, Wilson and Zhao originally articulated the need for the understanding of linked lists. It remains to be seen how valuable this research is to the software engineering community. Ultimately, the methodology of R. Zhao et al. is a theoretical choice for the exploration of super-pages. Our design avoids this overhead."
We couldn't have said it better.
Pwnie for Epic 0wnage
0wnage, measured in owws, can be delivered in mass quantities to a single organization or distributed across the wider Internet population. The Epic 0wnage award goes to the hackers responsible for delivering the most damaging, widely publicized, or hilarious 0wnage. This award can also be awarded to the researcher responsible for disclosing the vulnerability or exploit that resulted in delivering the most owws across the Internet.
Edward Snowden's leak of NSA secrets was an epic example of the insider threat to information security, while his revelations convinced many that the entire Internet is thoroughly and epicly owned!
Pwnie for Lifetime Achievement
Awarded to those of us who have moved on to bigger and better things.