Contest organizers this year increased sixfold the prizes given out for successful zero-day browser exploits during the CanSecWest security conference, but wound up with just one more exploit to show for it.

VANCOUVER -- Dueling browser-exploit contests at the CanSecWest conference yielded immediate results -- two hacks against Google Chrome -- with contestants in both competitions demonstrating exploits within an hour of the contests' opening.

A single group of hackers using spearphishing has stolen industrial drawings, contracts and more from at least 10 oil, gas and defense companies in Norway, according to a published report.

Hack week in Vegas

During the Black Hat and Defcon conferences in Las Vegas last week, researchers wheeled out their best new attacks on everything from browsers to automobiles, demonstrating ingenuity and diligence in circumventing security efforts or in some cases in exploiting systems that were built without security in mind. Here's a handful of the ones that deserve the most concern.

For two decades, the dominant security model has been location-centric. We instinctively trust insiders and distrust outsiders, so we build security to reflect that: a hard perimeter surrounding a soft inside. The model works best when there's only one connection to the outside, offering a natural choke point for firewall defense.

It's unlike any conference badge you've seen before. Sleek, stylish, programmable, and made out of metal. It's the Defcon 18 conference badge. Unveiled at the annual hacker conference in Las Vegas, here's a first look at this year's badge.