Inside the economics of hacking – The Washington Post

The questionable: The ‘zero-day’ market Then there’s the “zero-day market” that trades on the private sale of previously unknown vulnerabilities, but generally to governments who look to exploit them for surveillance capabilities. These private sales can offer a heftier price tag than traditional bug bounty programs because the clientele includes intelligence agencies with practically unlimited budgets.This is where Zerodium’s iOS competition comes in. The company is set up to be a middleman that pays independent hackers for new ways to break the security of major software products, and then sells that information to government agencies and major corporations at a premium.Spy agencies value this sort of information because they can use it to get around security measures put in place by software makers to perform digital surveillance. Government hacking is becoming increasingly sophisticated as tech companies, and Apple in particular, have expanded their offerings of strong forms of encryption that prevent even the companies themselves from being able to unlock devices and the content of communications, even when served with a warrant.

Source: Inside the economics of hacking – The Washington Post

SANS Holiday Challenge

In this year’s challenge, you’ll get to match wits with an Artificially Intelligent agent, exploit a target machine, and do some detailed packet capture and file analysis, all with the goal of unraveling the mysteries of the Ghosts of Hacking Past, Present, and Future to save old Ebenezer Scrooge from certain doom.

via SANS Holiday Challenge.

via SANS Holiday Challenge.