Potential Windows zero-day security exploit worth $90,000 on underground market

02 Jun 2016

A single Windows zero-day vulnerability could be sold on underground cybercrime markets, potentially affecting more than 1.5 billion Windows users, researchers at Trustwave have found.

Although not confirmed, the local privilege escalation (LPE) exploit affects every version of Microsoft Windows, from Windows 2000 up to Windows 10, and could allow cyber criminals to wreak havoc on computers.

The threat comes from the ability of hackers to give any Windows user account administrator privileges, thus opening up areas such as malicious software installation, network access, user settings and remote control of a computer.

Researchers at Trustwave's SpiderLabs Research stated in a blog that while zero-day exploits are still rare, they are still worrying.

Although it is difficult to ascertain the kind of prices they are worth in the underground economy, malware developers are increasingly monetising threat development and selling their work for high prices.

SpiderLabs Research has found examples of underground forums that serve as collaborative hubs for hiring malware coders, as well as leasing exploit kits and purchasing web shells and botnets.

SpiderLabs Research recommends:

  • Keeping your software up-to-date. Sometimes LPE exploits are used in conjunction with RCE exploits. If you are patched against the RCE part of the cyber attack, that may lessen the amount of damage a zero-day attack can do.
  • Using a full range of security software to give high protection and prevent weaknesses that could allow attacks to enter the system.
  • Using common sense: don't click suspicious links or open attachments from unknown sources.