2017 Pwnie Awards: Who Won, Lost, and Pwned

Security pros corralled the best and worst of cybersecurity into an award show highlighting exploits, bugs, achievements, and attacks from the past year.
Best Server-Side Bug: CVEs 2017-0143, -0144, -0145 (The Equation Group)
Best Client-Side Bug: Oil of OLE (Ryan Hanson, Haifei Li, Bing Sun, Unknown Hackers)
Best Privilege Escalation Bug: Drammer (Victor van der Veel et al)
Best Cryptographic Attack: SHAttered (Marc Stevens et al)
Best Backdoor: M.E.Doc (Totally Not Russia)
Best Branding: GhostButt (Atlassian Security Team)
Epic Achievement: Finally getting TIOCSTI ioctl attack fixed (Federico Bento)
Most Innovative Research: ASLR on the line (Ben Gras et al)
Lamest Vendor Response: SystemD (Lennart Poettering)
Most Over-hyped Bug: Enter 30 to shell - Cryptsetup bug (Hector Marco and Ismael Ripoll)
Most Epic Fail: Laws Down Under (Malcolm Turnbull)
Epic 0wnage: Tie - WannaCry and ShadowBrokers
Lifetime Achievement Award: FX

Each year, security experts gather to celebrate the achievements and failures of security researchers and the broader infosec community during the Pwnie awards. This year's ceremony once again took place during the Black Hat USA conference in Las Vegas.

The show's committee accepted nominations for bugs disclosed over the past year, from June 2, 2016 through May 31, 2017. Nominees are judged by a panel of respected security researchers, which according to its website is "the closest to a jury of peers a likely to ever get."

Winners were announced the week of Black Hat during an informal (and hilarious) ceremony hosted by judges and infosec pros Travis Goodspeed, Charlie Miller, Brandon Edwards, Katie Moussouris, and Dino Dai Zovi.

Winners in attendance were honored with "Pwnie" statues; some recipients, like Australian Prime Minister Malcolm Turnbull and the Shadow Brokers, were obviously absent.

The 2017 show included award categories ranging from Best Cryptographic Attack to Best Server-Side Bug to Lamest Vendor Response. Who were this year's winners? Take a look to find out.

Next slide
Recommended Reading: