Vupen has been hacked – possibly hit by the unknown unknown
There are reports a French group called Vupen, who are famous as resellers for zero-day vulnerabilities, has been hacked – and 130 zero-days have been leaked. If you look at their target client description you’ll see why this is important (http://www.vupen.com/english/services/lea-index.php). A really basic zero-day can sell for £1000; a decent one – like they sell – can go for £100,000+. If these guys can’t protect themselves then there is little hope for anyone else if someone decides they really want to get in.
Think about that – 130 0-days possibly in the hands of who knows whom… I can feel a rash of Flames coming on.