Security researcher Sergei Golubchik won the Pwnie award for best server-side bug after discovering a flaw in MySQL that allowed attackers to bypass authentication by repeatedly trying to log in with bad passwords.

Security researcher Mateusz Jurczyk, also known as "j00ru," won the Pwnie for the best privilege escalation bug for finding a vulnerability in the Windows kernel that affected all 32-bit versions of Windows.

The Pwnie award for the most innovative security research went to security researcher Travis Goodspeed for developing a method of sending data packets over the Internet that can inject additional packets into internal networks.