2023
Best Desktop Bug: CountExposure!
Best Cryptographic Attack: Video-based cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED
Best Song: Clickin’
Most Innovative Research: Inside Apple’s Lightning: Jtagging the iPhone for Fuzzing and Profit
Most Under-Hyped Research: Activation Context Cache Poisoning
Best Privilege Escalation Bug: URB Excalibur: Slicing Through the Gordian Knot of VMware VM Escapes
Best Remote Code Execution Bug: ClamAV RCE
Lamest Vendor Response: Three Lessons From Threema: Analysis of a Secure Messenger
Most Epic Fail: “Holy fucking bingle, we have the no fly list,”
Epic Achievement: Clement Lecigne: 0-days hunter world champion
Lifetime Achievement Award: Mudge
2022
Best Song: Dialed Up
Lamest Vendor Response: Google’s top security teams unilaterally shut down a counterterrorism operation
Epic Achievement: Yuki Chen’s Windows Server-Side RCE Bugs
Most Epic Fail: HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
Best Desktop Bug: Architecturally Leaking Data from the Microarchitecture
Most Innovative Research: Custom Processing Unit: Tracing and Patching Intel Atom Microcode
Best Cryptographic Attack: Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86
Best Remote Code Execution Bug: Windows RPC Runtime Remote Code Execution (CVE-2022-26809)
Best Privilege Escalation Bug: Mystique in the House: The Droid Vulnerability Chain That Owns All Your Userspace
Best Mobile Bug: FORCEDENTRY
Most Under-Hyped Research: Spoofing IP with IPIP
2021
Lamest Vendor Response: Cellebrite Response to Moxie
Best Privilege Escalation Bug: Heap-based buffer overflow in Sudo!
Best Song: The Ransomware Song
Best Server-Side Bug: Microsoft Exchange Server (CVE-2021-26855, CVE-2021-27065, and others TBD)
Best Cryptographic Attack: NSA/CVE-2020-0601
Most Innovative Research: Speculative Probing: Hacking Blind in the Spectre Era
Most Epic Fail: PrintNightmare
Best Client-Side Bug: Exploiting Samsung Secure Chip (CVE-2020-28341)
Most Under-Hyped Research: 21 Nails
Epic Achievement: Prank Calls for Truth
Epic Achievement: Ilfak Guilfanov
2020
Best Server-Side Bug: BraveStarr – A Fedora 31 netkit telnetd remote exploit
Best Privilege Escalation Bug: checkm8 – Epic JailBreak
Epic Achievement: Guang Gong
Best Cryptographic Attack: Zerologon
Best Client-Side Bug: RCE on Samsung Phones via MMS
Most Under-Hyped Research: Vulnerabilities in System Management Mode (SMM) and Trusted Execution Technology (TXT)
Most Innovative Research: TRRespass: When Memory Vendors Tell You Their Chips Are Rowhammer-free, They Are Not.
Most Epic Fail: Microsoft
Best Song: Lady Ada – Powertrace (Pokerface Song Parody / PLATYPUS Paper Teaser)
Lamest Vendor Response: Daniel J. Bernstein
2019
Most Innovative Research: Vectorized Emulation
Most Under-Hyped Research: Thrangrycat
Most Epic Fail: Bloomberg’s Infosec Fan Fiction
Most Over-Hyped Bug: Super Micro – The big hack
Lamest Vendor Response: BitFi
Best Cryptographic Attack: Dr4g0nbl00d
Best Privilege Escalation Bug: iOS CVE-2019-6225
Best Client-Side Bug: The Horrible Facetime Group Messaging Bug
Best Server-Side Bug: Pulse Secure SSL VPN (and others!)
Epic Achievement: Steve Christey Coley
2018
Lifetime Achievement Award: Michał Zalewski
Most Over-Hyped Bug: Holey Beep
Lamest Vendor Response: Bitfi
Most Innovative Research: Spectre/Meltdown
Best Cryptographic Attack: Return Of Bleichenbacher’s Oracle Threat
Best Privilege Escalation Bug: Meltdown and Spectre
Best Client-Side Bug: The 12 Logic Bug Gifts of Christmas
Best Server-Side Bug: Intel AMT Remote Vulnerability
2017
Best Server-Side Bug: CVE-2017-0143, 0144, 0145
Lifetime Achievement Award: Felix “FX” Lindner
Epic 0wnage: Shadow Brokers dumps
Most Epic Fail: Laws Down Under
Best Song: Hello (Covert Channel)
Most Over-Hyped Bug: Enter 30 to shell – Cryptsetup bug
Lamest Vendor Response: SystemD bugs
Most Innovative Research: ASLR on the line
Epic Achievement: Federico Bento
Best Branding: GhostButt
Best Backdoor: M.E.Doc
Best Cryptographic Attack: The first collision for full SHA-1
Best Privilege Escalation Bug: Drammer: Deterministic Rowhammer Attacks on Mobile Platforms
Best Client-Side Bug: Microsoft Office OLE2
2016
Epic 0wnage: The Juniper Backdoor
Lifetime Achievement Award: Mudge
Best Song: “Cyberlier”
Most Over-Hyped Bug: Badlock (CVE-2016-0128)
Lamest Vendor Response: “WD MyPassword Drive”
Most Innovative Research: Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector
Epic Achievement: Never Giving Up and Never Letting Us Down (CVE-2000-A-BUNCH-OF-THEM)
Best Branding: Mousejack wireless keystroke injection bug
Best Junk or Stunt Hack: Remotely Killing a Jeep on the Highway
Best Backdoor: Juniper ScreenOS: 哈哈哈哈哈哈 (CVE-2015-7755 & CVE-2015-7756)
Best Cryptographic Attack: SSLv2 Crypto attack (CVE-2016-0800)
Best Privilege Escalation Bug: Widevine QSEE TrustZone Privilege Escalation (CVE-2015-6639)
Best Client-Side Bug: glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547)
Best Server-Side Bug: Cisco ASA IKEv1/IKEv2 Fragmentation Heap Buffer Overflow (CVE-2016-1287)
2015
Epic 0wnage: Hacking Team
Lifetime Achievement Award: Halvar Flake
Most Epic Fail: Oh, Please… Man!
Best Song: “Clean Slate”
Most Over-Hyped Bug: Shellshock (CVE-2014-6271)
Lamest Vendor Response: “A Peek Under The Blue Coat”
Most Innovative Research: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
Best Privilege Escalation Bug: UEFI SMM Privilege Escalation
Best Client-Side Bug: Will it BLEND? (CVE-2015-0093, CVE-2015-3052)
Best Server-Side Bug: SAP LZC LZH Compression Multiple Vulnerabilities (CVE-2015-2278, CVE-2015-2282)
2014
Best Server-Side Bug: Heartbleed (CVE-2014-0160)
Best Client-Side Bug: Google Chrome Arbitrary Memory Read Write Vulnerability (CVE-2014-1705)
Best Privilege Escalation Bug: AFD.sys Dangling Pointer Vulnerability (CVE-2014-1767)
Most Innovative Research: RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis
Lamest Vendor Response: AVG Remote Administration Insecure “By Design”
Best Song: “The SSL Smiley Song”
Most Epic Fail: Goto Fail
Epic 0wnage: Mt. Gox
2013
Best Server-Side Bug: Ruby on Rails YAML (CVE-2013-0156)
Best Client-Side Bug: Adobe Reader Buffer Overflow and Sandbox Escape (CVE-2013-0641)
Best Privilege Escalation Bug: iOS incomplete codesign bypass and kernel vulnerabilities (CVE-2013-0977, CVE-2013-0978 and CVE-2013-0981)
Most Innovative Research: Identifying and Exploiting Windows Kernel Race Conditions via Memory Access Patterns
Best Song: All the Things
Most Epic Fail: Nmap: The Internet Considered Harmful – DARPA Inference Checking Kludge Scanning
Epic 0wnage: Joint nomination to Edward Snowden and the NSA
2012
Best Client-Side Bug: Pinkie Pie’s Pwnium Exploit
Best Client-Side Bug: Sergey Glazunov’s Pwnium Exploit
Best Server-Side Bug: “Are we there yet?” MySQL Authentication Bypass (CVE-2012-2122)
Best Privilege Escalation Bug: MS11-098: Windows Kernel Exception Handler Vulnerability (CVE-2011-2018)
Most Innovative Research: Packets in Packets: Orson Welles’ In-Band Signaling Attacks for Modern Radios
Best Song: Control
Most Epic Fail: F5 Static Root SSH Key
Epic 0wnage: “Flame” Windows Update MD5 Collision Attack
2011
Best Server-Side Bug: ASP.NET Framework Padding Oracle (CVE-2010-3332)
Best Client-Side Bug: FreeType vulnerability in iOS (CVE-2011-0226)
Best Privilege Escalation Bug: Windows kernel win32k user-mode callback vulnerabilities (MS11-034)
Most Innovative Research: Securing the Kernel via Static Binary Rewriting and Program Shepherding
Lamest Vendor Response: RSA SecurID token compromise
Best Song: The Light It Up Contest
Most Epic Fail: Sony
Most Epic Fail: Sony
Most Epic Fail: Sony
Most Epic Fail: Sony
Most Epic Fail: Sony
Epic 0wnage: Stuxnet
2010
Best Server-Side Bug: Apache Struts2 framework remote code execution (CVE-2010-1870)
Best Client-Side Bug: Java Trusted Method Chaining (CVE-2010-0840)
Best Privilege Escalation Bug: Windows NT #GP Trap Handler (CVE-2010-0232 )
Most Innovative Research: Flash Pointer Inference and JIT Spraying
Lamest Vendor Response: LANRev remote code execution
Best Song: Pwned – 1337 edition
Most Epic Fail: Microsoft Internet Explorer 8 XSS filter
2009
Best Server-Side Bug: Linux SCTP FWD Chunk Memory Corruption (CVE-2009-0065)
Best Privilege Escalation Bug: Linux udev Netlink Message Privilege Escalation (CVE-2009-1185)
Best Client-Side Bug: msvidctl.dll MPEG2TuneRequest Stack buffer overflow (CVE-2008-0015)
Epic 0wnage: Red Hat Networks Backdoored OpenSSH Packages (CVE-2008-4250)
Most Innovative Research: From 0 to 0day on Symbian
Lamest Vendor Response: Linux
Most Over-Hyped Bug: MS08-067 Server Service NetpwPathCanonicalize() Stack Overflow (CVE-2008-4250)
Best Song: Nice Report
Most Epic Fail: Twitter Gets Hacked and the “Cloud Crisis”
Lifetime Achievement Award: Solar Designer
2008
Best Server-Side Bug: Windows IGMP kernel vulnerability (CVE-2007-0069)
Best Client-Side Bug: Multiple URL protocol handling flaws
Mass 0wnage: An unbelievable number of WordPress vulnerabilities (CVE-2008-*)
Most Innovative Research: Lest We Remember: Cold Boot Attacks on Encryption Keys
Most Innovative Research: Defeating a VM packer with a decompiler written in OCaml
Lamest Vendor Response: McAfee’s “Hacker Safe” certification program
Most Over-Hyped Bug: Unspecified DNS cache poisoning vulnerability (CVE-2008-1447)
Best Song: Packin’ The K!
Most Epic Fail: Debian for shipping a backdoored OpenSSL library for two years (CVE-2008-0166)
Most Epic Fail: Windows Vista for proving that security does not sell
Lifetime Achievement Award: Tim Newsham
2007
Mass 0wnage: WMF SetAbortProc remote code execution (CVE-2005-4560)
Best Server-Side Bug: Solaris in.telnetd remote root exploit (CVE-2007-0882)
Best Client-Side Bug: Unhandled exception filter chaining vulnerability (CVE-2006-3648)
Most Innovative Research: Temporal Return Addresses
Lamest Vendor Response: OpenBSD IPv6 mbuf kernel buffer overflow (CVE-2007-1365)
Most Over-Hyped Bug: MacBook Wi-Fi Vulnerabilities
Best Song: Symantec Revolution