
Potential Windows zero-day security exploit worth $90,000 on underground market

02 Jun 16

A single Windows zero-day vulnerability could be sold amongst the underground cybercrime markets, potentially affecting more than 1.5 billion Windows users, researchers at Trustwave have found.

Although not confirmed, the local privilege escalation (LPE) exploit is said to affect every version of Microsoft Windows, from Windows 2000 up to Windows 10, and could allow cyber criminals to wreak havoc on affected computers.

The threat comes from the exploit's ability to grant any Windows user account administrator privileges, which in turn opens the way to malicious software installation, network access, changes to user settings and remote control of the computer.

Researchers at Trustwave's SpiderLabs stated in a blog post that while zero-day exploits are still rare, they remain worrying.

Although it is difficult to ascertain the prices such exploits fetch in the underground economy, malware developers are increasingly monetising threat development and selling their work for high prices.

SpiderLabs has found examples of underground forums that serve as collaborative hubs for hiring malware coders, leasing exploit kits and purchasing web shells and botnets.

SpiderLabs recommends:

  • Keep your software up to date. LPE exploits are sometimes used in conjunction with remote code execution (RCE) exploits; if you are patched against the RCE part of the attack, that may lessen the damage a zero-day attack can do.
  • Use a full range of security software to provide layered protection and close weaknesses that could allow attacks to enter the system.
  • Use common sense: don't click suspicious links or open attachments from unknown sources.