In case you thought that the mass exodus of researchers from TippingPoint’s Zero Day Initiative in recent months meant that the demand for third-party vulnerability markets was waning, fear not. Several former members of the ZDI team have come back together to form a new firm called Exodus Intelligence that will have its own vulnerability purchasing program, among other offerings.
Browsing Category: Hacks
A Pennsylvania man was arrested yesterday after a Massachusetts grand jury issued a four-count indictment alleging that he hacked into computer networks belonging to the U.S. Department of Energy (DoE) and the University of Massachusetts and tried to sell access to a DoE supercomputer for $50,000 to an undercover FBI agent.
UPDATE: A Web site used to distribute software updates for a wide range medical equipment, including ventilators has been blocked by Google after it was found to be riddled with malware and serving up attacks. The U.S. Department of Homeland Security is looking into the compromise, Threatpost has learned.
Ryan Cleary, the 20 year-old Essex, England hacker associated with the hacker collective LulzSec, was indicted by a federal grand jury in the United States on Tuesday.
The Honeynet Project launched a new project Thursday that is designed to snare malware that spreads by infecting removable USB (universal serial bus) storage drives, citing the increased reliance of malicious programs on portable drives to move from computer to computer.
A joint letter from some of Washington D.C.’s leading minds in the areas of defense and diplomacy is urging Congress to pass a cyber security bill in some form this year, saying that the U.S. is urgently in need of a new policy and ill-prepared for cyber attacks.
UPDATE: Researchers have identified an ongoing series of attacks, possibly emanating from China, that are targeting a number of high-profile organizations, including SCADA security companies, universities and defense contractors. The attacks are using highly customized malicious files to entice targeted users into opening them and starting the compromise.
Researchers digging through the code of the recently discovered Flame worm say they have come across a wealth of evidence that suggests Flame and the now-famous Stuxnet worm share a common origin.
Last.fm, the online music streaming service, said it has implemented ‘more rigorous’ security for customer account passwords in the wake of reports that some of those passwords had been leaked online.
Claims surfaced earlier this week that the French security firm VUPEN, which is known for selling zero-day vulnerabilities to third parties, had been compromised and more than 100 of the company’s secret bugs had been leaked. However, VUPEN’s CEO said that the claims were totally false and there was no hack, let alone a leak of the company’s vulnerability inventory.