Skip to main content

Vupen

Vupen Cashes in Four Times at Pwn2Own

posted onMarch 14, 2014
by l33tdawg

It’s become a familiar walk for Chaouki Bekrar. Year after year at the Pwn2Own contest, the controversial Vupen founder is scurried from a small room in the basement of the Sheraton hotel to a suite several floors above. It’s a short journey from where a string of zero-day exploits are executed to where formal disclosure is made to the vendor in question. It’s also where payment is arranged, and on this day, exclusivity is promised to HP’s Zero Day Initiative.

NSA Contract With VUPEN Revealed

posted onSeptember 17, 2013
by l33tdawg

The National Security Agency is considered by some to have the best roster of hackers in the world; but sometimes even the best need some help. That may well be the reason the NSA became a customer of French hacking-tools vendor Vupen in 2012.

The spying agency, which has been scrutinized of late for its top secret surveillance programs revealed by Edward Snowden, bought a one-year subscription to Vupen's Binary Analysis and Exploits service in 2012, as revealed on Tuesday by documents obtained by MuckRock through a Freedom of Information Act request.

Microsoft Pressured To Patch Zero Day As VUPEN Creates Serious Exploit

posted onJune 21, 2012
by l33tdawg

Microsoft is facing pressure to patch a zero-day threat that is being exploited in the wild, as vulnerability seller VUPEN has found a way to make the exploit work across all Windows platforms.

Attack code for the CVE-2012-1889 flaw, which affects Microsoft XML component found in Internet Explorer, was published earlier this month. The vulnerability could allow remote code execution if a user visits a specially-crafted webpage on Internet Explorer.