No more free bugs - 0days and new markets
NLNOG-day 2015
No more free bugs - NLNOG 2015 - Pine Digital Security
This talk
To shed some light on a shady side of the internet
• Some background on 0days
• What does the 0day market look like?
• How is this relevant to us?
• So now what?
About
Christiaan Ottow
CTO of Pine Digital Security
christiaan.ottow@pine.nl
@cottow
What we do
• Security services: performing penetration tests, code audits and consulting/training
• Managed hosting: managed secure hosting services for customers (AS12854)
• Secure development: developing software for customers with a high security or privacy demand
Zero Day (0day) vulnerability: a vulnerability that has not been
publicly disclosed
A Bug's Life (figure)
Source: Stefan Frei, "The Known Unknowns" [1]
A Bug's Life (figure, 2013)
Source: Stefan Frei, "The Known Unknowns" [1]
A Bug's Life
ZDI, 2015
• Over 2000 disclosed vulnerabilities
• That's ± 600 in the last 18 months
• 2010: > 30% took > 365 days to patch
• 180-day automatic disclosure implemented
• 2013: only 6 vendors > 180 days, 5 > 120 days
• 2014: 120-day automatic disclosure implemented
Source: ZDI@10: 10 fascinating facts about 10 years of bug hunting [10]
A Bug's Life
Source: Bilge et al, "Before we knew it" [12]
0days live 312 days on average in the wild before disclosure
Suppliers
• VUPEN
• Raytheon
• Northrop Grumman
• Endgame Systems
• Exodus Intelligence
• VBI
• Netragard
• ReVuln
• Mitnick Security
• Zerodium
Growth
Figure: number of Internet-connected devices
Source: Cisco IBSG [8]
Growth drivers
• Number of targets
• Government interest
• ROI per target
• Skill required
Hacking Team
"What you need is a way to bypass encryption, collect relevant data out of any device, and keep monitoring your targets wherever they are, even outside your monitoring domain. Remote Control System does exactly that."
Source: http://www.hackingteam.it/images/stories/galileo.pdf
Hacking Team
• Surveillance software
• Audio recording (phone, Skype, …)
• Keystroke logging
• GPS tracking
• Impressive list of customers, including oppressive regimes
• Bahrain, Kazakhstan, Azerbaijan [11]
• Breached in July 2015, 400GB dumped (inc. mail spools, source code, contracts)
Suppliers (as seen in the Hacking Team dump)
• VUPEN
• Vulnerabilities Brokerage International (VBI)
• Netragard
• Vitaliy Toropov
Source: Vlad Tsyrklevich's analysis of the HT dump [2]
Pricing (figure)
The grugq, 2012
Source: Andy Greenberg in Forbes, 2012 [3]
Pricing
Hacking Team, 2015
Netragard
• Adobe Reader + sandbox escape: $100k list price ($80.5k final)
• Sandbox escape non-exclusive: $90k - $100k
Vitaliy Toropov
• Three Flash Player 0days: $39k - $45k
Source: Vlad Tsyrklevich's analysis of the HT dump [2]
Catalogs (figure: supplier catalogs found in the HT dump)
Source: Vlad Tsyrklevich's analysis of the HT dump [2]
Figure: Zerodium tweet. Source: https://twitter.com/Zerodium/status/644107653745016832
Business model
• Acceptance testing
• Replacement if patched
• Support on implementation
• Phased payments
Actors (diagram, flattened here as a list)
• Researcher
• Broker: VBI, Netragard, Endgame Systems, VUPEN, The Grugq, Exodus Intelligence, ReVuln, Northrop Grumman, Raytheon, Vitaliy Toropov, Kevin Mitnick, Zerodium
• Defensive products vendor: HP ZDI, iDefense VCP
• Rich intelligence agency: NSA, GCHQ
• Offensive products vendor: Hacking Team, Gamma International
• Dark markets
• Poor intelligence agency or LEA: Sudan, Ethiopia, Bahrain, KLPD, ?
• Vendor of vulnerable product (bounties, full disclosure, Google Project Zero)
• Pentesting companies
• Exploit pack vendors: Intevydis, ExploitHub
So what?
• 0days are much like weapons
• Only, they are almost exclusively interesting for offensive purposes
• Who benefits from having them and who benefits from fixing them?
So what?
• Stopping 0day sales will not stop all spies and criminals
• But it will stop the likes of Hacking Team
Now what?
"[..] Are vulnerabilities in software dense or sparse? If they are sparse, then every one you find and fix meaningfully lowers the number of avenues of attack that are extant. If they are dense, then finding and fixing one more is essentially irrelevant to security and a waste of the resources spent finding it."
Source: Dan Geer, BlackHat 2014 [9,4]
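Geer's dense-or-sparse question can be made measurable: when two finders work independently (say a vendor's internal team and an outside researcher) and keep colliding on the same bugs, the pool is small and every fix removes a meaningful share of it; when they almost never collide, the pool is large and one more fix barely matters. The Python below is an added example, not code from the talk or from Geer, that applies the standard two-sample capture-recapture (Lincoln-Petersen) estimator to a simulated bug pool. It assumes, as a simplification, that every bug in the pool is equally easy to find and equally useful to an attacker, and the pool sizes and sample sizes are made-up numbers.

```python
"""Capture-recapture model for the "dense or sparse" question.

Two finders independently discover bugs from a pool of unknown size N.
The size of their overlap is what tells you about N:
  large overlap  -> small pool (sparse): each fix removes a real share
  no overlap     -> large pool (dense): one more fix is noise
Added example with constructed parameters; not part of the original talk.
"""
import random
from typing import Dict, Optional


def estimate_total(found_a: int, found_b: int, overlap: int) -> Optional[float]:
    """Lincoln-Petersen estimate of pool size from two independent samples.

    N_hat = |A| * |B| / |A and B|.  Returns None when the samples share
    nothing: the estimator is then undefined and the data only give a
    lower bound (|A| + |B|) on the pool.
    """
    if overlap == 0:
        return None
    return found_a * found_b / overlap


def marginal_value_of_fix(pool_size: int) -> float:
    """Share of the attacker's avenues removed by fixing one bug, under the
    (assumed) simplification that every bug in the pool is equally usable."""
    if pool_size <= 0:
        raise ValueError("pool must be non-empty")
    return 1.0 / pool_size


def simulate(pool_size: int, per_finder: int, seed: int = 0) -> Dict[str, object]:
    """Two finders each draw `per_finder` distinct bugs uniformly from a pool
    of `pool_size` (constructed scenario); report the overlap and estimate."""
    rng = random.Random(seed)
    bugs = range(pool_size)
    found_a = set(rng.sample(bugs, per_finder))
    found_b = set(rng.sample(bugs, per_finder))
    overlap = len(found_a & found_b)
    return {
        "true_pool": pool_size,
        "overlap": overlap,
        "estimated_pool": estimate_total(len(found_a), len(found_b), overlap),
        "value_of_one_fix": marginal_value_of_fix(pool_size),
    }


if __name__ == "__main__":
    # Sparse regime: 50 bugs, two finders with 20 each; expected overlap 20*20/50 = 8.
    print("sparse:", simulate(pool_size=50, per_finder=20))
    # Dense regime: a million bugs; expected overlap 0.0004, so no collision.
    print("dense: ", simulate(pool_size=1_000_000, per_finder=20))
```

In the sparse run the estimate lands near the true 50 and a single fix removes 2% of the attacker's options; in the dense run the finders do not collide, the estimator returns None, and the only honest conclusion is "the pool is at least 40". A real-world collision such as the Heartbleed one listed in the bibliography is a single data point of this kind, which is why Geer's column [4] argues for measuring rediscovery rates rather than guessing.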
Corner the market
• USG buys them all
• Reports all to vendors
• USG then controls the market
Drain the offensive stockpile
"[..] People deserve to use the internet without fear that vulnerabilities out there can ruin their privacy with a single website visit. If we increase user confidence in the internet in general, then in a hard-to-measure and indirect way, that helps Google too."
Source: Wired interview with Chris Evans of Google Project Zero [5]
Tweak the levers (figure)
Source: Katie Moussouris, "The Wolves of Vuln Street", RSA Conference 2015 [6]
Regulation
• Wassenaar, a town in Europe
• Intrusion malware
• Intrusion exploits
• IP surveillance
Regulation
• The problem with dual use
• It's the internet, stupid
• ACLU is for, EFF has reservations
Bugs are dense
"[..] Which is: you don't chase and fix vulnerabilities, you design a system around fundamentally stopping routes of impact. For spender it is eradicating entire bug classes in his grsecurity project. For network engineers it is understanding each and every exfiltration path on your network and segmenting accordingly. Containment is the name of the game. Not prevention."
Source: Bas Alberts, rant on DailyDave, Aug '15 [7]
Conclusions
• A new market has emerged that is at best shady
• Involves actors from gov't, commerce and crime mixed on all sides
• Legal battle being fought together with Crypto Wars II
• Will have impact on what our kids' internet will look like
Questions? Shoot!
Bibliography
• [1] Stefan Frei, Dec 2013, "The Known Unknowns": https://www.nsslabs.com/sites/default/files/public-report/files/The%20Known%20Unknowns_1.pdf
• [2] Vlad Tsyrklevich's analysis of the Hacking Team leak wrt 0day trading: https://tsyrklevich.net/2015/07/22/hacking-team-0day-market/
• [3] Forbes/Andy Greenberg's profile on the grugq: http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/
• [4] Dan Geer, on density and counting of vulns, "For Good Measure": http://geer.tinho.net/fgm/fgm.geer.1504.pdf
• [5] Interview with Chris Evans of Google Project Zero by Wired: http://www.wired.com/2014/07/google-project-zero/
• [6] Katie Moussouris, "The Wolves of Vuln Street": https://hackerone.com/blog/the-wolves-of-vuln-street and https://www.rsaconference.com/writable/presentations/file_upload/ht-t08-the-wolves-of-vuln-street-the-1st-dynamic-systems-model-of-the-0day-market_final.pdf
• [7] Bas Alberts, rant on disclosure, "The Old Speak": https://lists.immunityinc.com/pipermail/dailydave/2015-August/000976.html
• [8] Cisco IBSG, number of Internet-connected devices: http://www.cisco.com/web/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf
• [9] Dan Geer, on cornering the market, BlackHat 2014: http://geer.tinho.net/geer.blackhat.6viii14.txt
• NSA's TAO group accidentally offlining Syria: http://thehackernews.com/2014/08/nsa-accidentally-took-down-syrias.html
• [10] ZDI figures after 10 years: http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-10-10-fascinating-facts-about-10-years-of-bug-hunting/ba-p/6770127#.VfqrprQVf8s
• [11] Hacking Team customer list: https://theintercept.com/2015/07/07/leaked-documents-confirm-hacking-team-sells-spyware-repressive-countries/
• [12] Bilge et al (Symantec), "Before we knew it" on 0days in the wild, 2012: https://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf
• On 0days on the dark web: https://www.deepdotweb.com/2015/04/08/therealdeal-dark-net-market-for-code-0days-exploits/
• Market size 2012: http://www.slate.com/articles/technology/future_tense/2013/01/zero_day_exploits_should_the_hacker_gray_market_be_regulated.html
• Market size 2012: http://www.forbes.com/sites/andygreenberg/2012/03/21/meet-the-hackers-who-sell-spies-the-tools-to-crack-your-pc-and-get-paid-six-figure-fees/
• Market size 2012: http://moritzlaw.osu.edu/students/groups/is/files/2015/06/Fidler-Second-Review-Changes-Made.pdf
• Market size 2013: http://www.darkreading.com/vulnerabilities---threats/hacking-the-zero-day-vulnerability-market/d/d-id/1141026
• Robert Graham, notes on Wassenaar: http://blog.erratasec.com/2015/05/some-notes-about-wassenaar.html#.VfnEmbQVf8s
• Heartbleed discovery collision: http://readwrite.com/2014/04/13/heartbleed-security-codenomicon-discovery

More Related Content

Recently uploaded

Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
Ā 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
Ā 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
Ā 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
Ā 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural  in villages of indiaGram Darshan PPT cyber rural  in villages of india
Gram Darshan PPT cyber rural in villages of indiaimessage0108
Ā 
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
Ā 
Delhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip Callshivangimorya083
Ā 
Russian Call Girls in Kolkata Ishita šŸ¤Œ 8250192130 šŸš€ Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita šŸ¤Œ  8250192130 šŸš€ Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita šŸ¤Œ  8250192130 šŸš€ Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita šŸ¤Œ 8250192130 šŸš€ Vip Call Girls Kolkataanamikaraghav4
Ā 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
Ā 
Chennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts service
Chennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts serviceChennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts service
Chennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts servicevipmodelshub1
Ā 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
Ā 
Enjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort Service
Enjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort ServiceEnjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort Service
Enjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort ServiceDelhi Call girls
Ā 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
Ā 

Recently uploaded (20)

Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Ā 
Model Call Girl in Jamuna Vihar Delhi reach out to us at šŸ”9953056974šŸ”
Model Call Girl in  Jamuna Vihar Delhi reach out to us at šŸ”9953056974šŸ”Model Call Girl in  Jamuna Vihar Delhi reach out to us at šŸ”9953056974šŸ”
Model Call Girl in Jamuna Vihar Delhi reach out to us at šŸ”9953056974šŸ”
Ā 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
Ā 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Ā 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
Ā 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
Ā 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural  in villages of indiaGram Darshan PPT cyber rural  in villages of india
Gram Darshan PPT cyber rural in villages of india
Ā 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Ā 
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
Ā 
Delhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ā˜Žāœ”šŸ‘Œāœ” Whatsapp Hard And Sexy Vip Call
Ā 
Russian Call Girls in Kolkata Ishita šŸ¤Œ 8250192130 šŸš€ Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita šŸ¤Œ  8250192130 šŸš€ Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita šŸ¤Œ  8250192130 šŸš€ Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita šŸ¤Œ 8250192130 šŸš€ Vip Call Girls Kolkata
Ā 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
Ā 
Chennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts service
Chennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts serviceChennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts service
Chennai Call Girls Alwarpet Phone šŸ† 8250192130 šŸ‘… celebrity escorts service
Ā 
Call Girls In South Ex šŸ“± 9999965857 šŸ¤© Delhi šŸ«¦ HOT AND SEXY VVIP šŸŽ SERVICE
Call Girls In South Ex šŸ“±  9999965857  šŸ¤© Delhi šŸ«¦ HOT AND SEXY VVIP šŸŽ SERVICECall Girls In South Ex šŸ“±  9999965857  šŸ¤© Delhi šŸ«¦ HOT AND SEXY VVIP šŸŽ SERVICE
Call Girls In South Ex šŸ“± 9999965857 šŸ¤© Delhi šŸ«¦ HOT AND SEXY VVIP šŸŽ SERVICE
Ā 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
Ā 
Enjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort Service
Enjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort ServiceEnjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort Service
Enjoy Nightāš”Call Girls Dlf City Phase 3 Gurgaon >ą¼’8448380779 Escort Service
Ā 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Ā 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
Ā 

Featured

2024 State of Marketing Report ā€“ by Hubspot
2024 State of Marketing Report ā€“ by Hubspot2024 State of Marketing Report ā€“ by Hubspot
2024 State of Marketing Report ā€“ by HubspotMarius Sescu
Ā 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
Ā 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
Ā 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
Ā 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
Ā 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
Ā 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
Ā 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
Ā 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
Ā 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
Ā 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
Ā 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
Ā 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
Ā 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
Ā 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data ScienceChristy Abraham Joy
Ā 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
Ā 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
Ā 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
Ā 

Featured (20)

2024 State of Marketing Report ā€“ by Hubspot
2024 State of Marketing Report ā€“ by Hubspot2024 State of Marketing Report ā€“ by Hubspot
2024 State of Marketing Report ā€“ by Hubspot
Ā 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Ā 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Ā 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
Ā 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
Ā 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Ā 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Ā 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
Ā 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Ā 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Ā 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Ā 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
Ā 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Ā 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Ā 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Ā 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Ā 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Ā 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
Ā 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
Ā 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Ā 

No more free bugs - 0days and new markets

  • 1. No more free bugs NLNOG-day 2015
  • 2. No more free bugs - NLNOG 2015 - Pine Digital Security This talk To shed some light on a shady side of the internet ā€¢ Some background on 0days ā€¢ What does the 0day market look like? ā€¢ How is this relevant to us? ā€¢ So now what?
  • 3. No more free bugs - NLNOG 2015 - Pine Digital Security About Christiaan Ottow CTO of Pine Digital Security christiaan.ottow@pine.nl @cottow
  • 4. What we do Security services Performing penetration tests, code audits and consulting/training Managed hosting Managed secure hosting services for customers (AS12854) Secure development Developing software for customers with a high security or privacy demand No more free bugs - NLNOG 2015 - Pine Digital Security
  • 5. No more free bugs - NLNOG 2015 - Pine Digital Security Zero Day (0day) vulnerability: a vulnerability that has not been publicly disclosed
  • 6. No more free bugs - NLNOG 2015 - Pine Digital Security A Bugā€™s Life Source: Stefan Frei, ā€œThe Known Unknownsā€ [1]
  • 7. No more free bugs - NLNOG 2015 - Pine Digital Security A Bugā€™s Life Source: Stefan Frei, ā€œThe Known Unknownsā€ [1] 2013
  • 8. No more free bugs - NLNOG 2015 - Pine Digital Security A Bugā€™s Life ZDI, 2015 ā€¢ Over 2000 disclosed vulnerabilities ā€¢ Thatā€™s Ā± 600 in the last 18 months ā€¢ 2010: > 30% took > 365 days to patch ā€¢ 180-day automatic disclosure implemented ā€¢ 2013: only 6 vendors > 180 days, 5 > 120 days ā€¢ 2014: 120 day automatic-disclosure implemented Source: ZDI@10: 10 fascinating facts about 10 years of bug hunting [10]
  • 9. No more free bugs - NLNOG 2015 - Pine Digital Security A Bugā€™s Life Source: Bilge et al, ā€œBefore we knew itā€ [12] 0days live 312 days on average in the wild before disclosure
  • 10. No more free bugs - NLNOG 2015 - Pine Digital Security Suppliers ā€¢ VUPEN ā€¢ Raytheon ā€¢ Northrop Grumman ā€¢ Endgame Systems ā€¢ Exodus Intelligence ā€¢ VBI ā€¢ Netragard ā€¢ ReVuln ā€¢ Mitnick Security ā€¢ Zerodium
  • 11. No more free bugs - NLNOG 2015 - Pine Digital Security Growth Subtitle ā€¢ Content Source: Cisco IBSG [8]
  • 12. No more free bugs - NLNOG 2015 - Pine Digital Security
  • 13. No more free bugs - NLNOG 2015 - Pine Digital Security Growth drivers ā€¢ Number of targets ā€¢ Government interest ā€¢ ROI per target ā€¢ Skill required
  • 14. No more free bugs - NLNOG 2015 - Pine Digital Security Hacking Team ā€œWhat you need is a way to bypass encryption, collect relevant data out of any device, and keep monitoring your targets wherever they are, even outside your monitoring domain. Remote Control System does exactly that.ā€ Source: http://www.hackingteam.it/images/stories/galileo.pdf
  • 15. No more free bugs - NLNOG 2015 - Pine Digital Security Hacking Team ā€¢ Surveillance software ā€¢ Audio recording (phone, Skype, ā€¦) ā€¢ Keystroke logging ā€¢ GPS tracking ā€¢ Impressive list of customers, including oppressive regimes ā€¢ Bahrein, Kazakhstan, Azerbaijan [10] ā€¢ Breached in July 2015, 400GB dumped (inc. mail spools, source code, contracts)
  • 16. No more free bugs - NLNOG 2015 - Pine Digital Security Suppliers ā€¢ VUPEN ā€¢ Vulnerabilities Brokerage International (VBI) ā€¢ Netragard ā€¢ Vitaliy Toropov Source: Vlad Tsyrklevichā€™s analysis of HT dump
• 17. Pricing: the grugq, 2012 (price list)
  Source: Andy Greenberg in Forbes, 2012 [3]
• 18. Pricing: Hacking Team, 2015
  • Netragard
    • Adobe Reader + sandbox escape: $100k list price ($80.5k final)
    • Sandbox escape, non-exclusive: $90k - $100k
  • Vitaliy Toropov
    • Three Flash Player 0days: $39k - $45k
  Source: Vlad Tsyrklevich's analysis of the HT dump [2]
• 19. Catalogs
  Source: Vlad Tsyrklevich's analysis of the HT dump [2]
• 20. Source: https://twitter.com/Zerodium/status/644107653745016832
• 21. Business model
  • Acceptance testing
  • Replacement if patched
  • Support on implementation
  • Phased payments
• 22. Actors (diagram)
  • Researcher
  • Broker: VBI, Netragard, Endgame Systems, VUPEN, The Grugq, Exodus Intelligence, ReVuln, Northrop Grumman, Raytheon, Vitaliy Toropov, Kevin Mitnick, Zerodium
  • Defensive products vendor: HP ZDI, iDefense VCP
  • Rich intelligence agency: NSA, GCHQ
  • Offensive products vendor: Hacking Team, Gamma International
  • Dark markets
  • Poor intelligence agency or LEA: Sudan, Ethiopia, Bahrain, KLPD, ?
  • Vendor of vulnerable product
  • Pentesting companies
  • Exploit pack vendors: Intevydis, ExploitHub
  • Also on the diagram: bounties, full disclosure, Google Project Zero (p0)
• 23. So what?
  • 0days are much like weapons
  • Only, unlike most weapons, they are almost exclusively interesting for offensive purposes
  • Who benefits from having them and who benefits from fixing them?
• 24. So what?
  • Stopping 0day sales will not stop all spies and criminals
  • But it will stop the likes of Hacking Team
• 25. Now what?
  "[..] Are vulnerabilities in software dense or sparse? If they are sparse, then every one you find and fix meaningfully lowers the number of avenues of attack that are extant. If they are dense, then finding and fixing one more is essentially irrelevant to security and a waste of the resources spent finding it."
  Source: Dan Geer, BlackHat 2014 [9,4]
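Geer's dense-or-sparse question can be made measurable: when two independent finders (say, a vendor's internal team and an outside researcher) each turn up a set of bugs, the size of the overlap between the two sets is what a capture-recapture estimate turns into a pool size, and the pool size is what decides whether one more fix matters. The block below is an added example written for this page, not code from the talk or from Geer's column; the pool sizes, finder sizes, the "attacker stockpile" figures, the seed and all function names are constructed assumptions, the model is the simplest possible one (every bug equally discoverable, finders independent), and the pool estimate uses the Chapman form of the Lincoln-Petersen estimator so that the zero-overlap case of a dense pool does not divide by zero. It goes a step beyond the quote by also simulating what a defender's fixes do to an attacker's stockpile in each regime.

```python
"""Added example: Geer's dense-vs-sparse question as a capture-recapture
experiment over a simulated bug pool.  Pool sizes, sample sizes and the seed
are constructed assumptions, not figures from the talk.
"""
import random
from typing import Set


def find_bugs(pool_size: int, found: int, rng: random.Random) -> Set[int]:
    """Model one finder (fuzzer, internal team, researcher) drawing `found`
    distinct bugs uniformly and independently from a pool of `pool_size`
    bugs, identified by index.  Assumption: finders are independent and
    every bug is equally discoverable."""
    return set(rng.sample(range(pool_size), found))


def estimate_pool(finder_a: Set[int], finder_b: Set[int]) -> float:
    """Chapman's bias-corrected Lincoln-Petersen estimate of the pool size
    from the rediscovery overlap between two independent finders:
    (n_a + 1)(n_b + 1) / (overlap + 1) - 1.

    Zero overlap (the dense regime) does not divide by zero; it yields a
    large number that is, in effect, a lower bound on the pool."""
    overlap = len(finder_a & finder_b)
    return (len(finder_a) + 1) * (len(finder_b) + 1) / (overlap + 1) - 1


def stockpile_survival(pool_size: int, stockpile: int, fixes: int,
                       rng: random.Random) -> float:
    """Fraction of an attacker's stockpile still unpatched after a defender
    (vendor, bounty programme, Project Zero) independently finds and fixes
    `fixes` bugs.  Under the uniform model the expected fraction is
    1 - fixes/pool_size: in a sparse pool every fix bites, in a dense pool
    the same effort barely touches the stockpile."""
    attacker = find_bugs(pool_size, stockpile, rng)
    defender = find_bugs(pool_size, fixes, rng)
    return len(attacker - defender) / len(attacker)


def experiment(pool_size: int, finder_size: int, stockpile: int, fixes: int,
               seed: int = 1) -> dict:
    """Run both measurements against one pool with a fixed seed so the
    result is reproducible."""
    rng = random.Random(seed)
    finder_a = find_bugs(pool_size, finder_size, rng)
    finder_b = find_bugs(pool_size, finder_size, rng)
    return {
        "true_pool": pool_size,
        "overlap": len(finder_a & finder_b),
        "estimated_pool": round(estimate_pool(finder_a, finder_b)),
        "stockpile_survival": stockpile_survival(pool_size, stockpile, fixes, rng),
    }


if __name__ == "__main__":
    # Sparse: 1,000 bugs.  Two finders with 200 each collide ~40 times, so the
    # estimate lands near 1,000, and 200 fixes kill ~20% of a 100-bug stockpile.
    print("sparse", experiment(pool_size=1_000, finder_size=200,
                               stockpile=100, fixes=200))
    # Dense: 100,000 bugs.  Same effort: collisions near zero, the estimate is
    # only a lower bound, and the same 200 fixes leave ~99.8% of the stockpile.
    print("dense ", experiment(pool_size=100_000, finder_size=200,
                               stockpile=100, fixes=200))
```

The practical reading is Geer's: the rediscovery rate is the thing to watch. Heartbleed being found independently by two parties within days is the kind of collision a sparse pool produces; a world in which nobody ever finds the same bug twice is a world in which fixing one more buys almost nothing, and the money is better spent on containment.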
• 26. Corner the market
  • USG buys them all
  • Reports all to vendors
  • USG then controls the market
  Source: Dan Geer, BlackHat 2014 [9]
• 27. Drain the offensive stockpile
  "[..] People deserve to use the internet without fear that vulnerabilities out there can ruin their privacy with a single website visit. If we increase user confidence in the internet in general, then in a hard-to-measure and indirect way, that helps Google too."
  Source: Wired interview with Chris Evans of Google Project Zero [5]
• 28. Tweak the levers (Moussouris's dynamic systems model of the 0day market)
  Source: Katie Moussouris, "The Wolves of Vuln Street", RSA Conference 2015 [6]
• 29. Regulation
  • Wassenaar, a town in Europe (and the export-control Arrangement named after it)
  • Intrusion software (the malware)
  • Intrusion software delivery (the exploits)
  • IP network surveillance
• 30. Regulation
  • The problem with dual use
  • It's the internet, stupid
  • ACLU is for, EFF has reservations
• 31. Bugs are dense
  "[..] Which is: you don't chase and fix vulnerabilities, you design a system around fundamentally stopping routes of impact. For spender it is eradicating entire bug classes in his grsecurity project. For network engineers it is understanding each and every exfiltration path on your network and segmenting accordingly. Containment is the name of the game. Not prevention."
  Source: Bas Alberts, rant on DailyDave, Aug '15 [7]
• 32. Conclusions
  • A new market has emerged that is at best shady
  • Involves actors from gov't, commerce and crime mixed on all sides
  • Legal battle being fought together with Crypto Wars II
  • Will have impact on what our kids' internet will look like
• 33. Questions? Shoot!
• 34. Bibliography
  • [1] Stefan Frei, Dec 2013, "The Known Unknowns": https://www.nsslabs.com/sites/default/files/public-report/files/The%20Known%20Unknowns_1.pdf
  • [2] Vlad Tsyrklevich's analysis of the Hacking Team leak wrt 0day trading: https://tsyrklevich.net/2015/07/22/hacking-team-0day-market/
  • [3] Forbes/Andy Greenberg's profile on the grugq: http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/
  • [4] Dan Geer, on density and counting of vulns, "For Good Measure": http://geer.tinho.net/fgm/fgm.geer.1504.pdf
  • [5] Interview with Chris Evans of Google Project Zero by Wired: http://www.wired.com/2014/07/google-project-zero/
  • [6] Katie Moussouris, "The Wolves of Vuln Street": https://hackerone.com/blog/the-wolves-of-vuln-street and https://www.rsaconference.com/writable/presentations/file_upload/ht-t08-the-wolves-of-vuln-street-the-1st-dynamic-systems-model-of-the-0day-market_final.pdf
  • [7] Bas Alberts, rant on disclosure, "The Old Speak": https://lists.immunityinc.com/pipermail/dailydave/2015-August/000976.html
  • [8] Cisco IBSG, number of Internet-connected devices: http://www.cisco.com/web/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf
  • [9] Dan Geer, on cornering the market, BlackHat 2014: http://geer.tinho.net/geer.blackhat.6viii14.txt
  • NSA's TAO group accidentally offlining Syria: http://thehackernews.com/2014/08/nsa-accidentally-took-down-syrias.html
• 35. Bibliography (continued)
  • [10] ZDI figures after 10 years: http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-10-10-fascinating-facts-about-10-years-of-bug-hunting/ba-p/6770127
  • [11] Hacking Team customer list: https://theintercept.com/2015/07/07/leaked-documents-confirm-hacking-team-sells-spyware-repressive-countries/
  • [12] Bilge et al (Symantec), "Before we knew it", on 0days in the wild, 2012: https://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf
  • On 0days on the dark web: https://www.deepdotweb.com/2015/04/08/therealdeal-dark-net-market-for-code-0days-exploits/
  • Market size 2012: http://www.slate.com/articles/technology/future_tense/2013/01/zero_day_exploits_should_the_hacker_gray_market_be_regulated.html
  • Market size 2012: http://www.forbes.com/sites/andygreenberg/2012/03/21/meet-the-hackers-who-sell-spies-the-tools-to-crack-your-pc-and-get-paid-six-figure-fees/
  • Market size 2012: http://moritzlaw.osu.edu/students/groups/is/files/2015/06/Fidler-Second-Review-Changes-Made.pdf
  • Market size 2013: http://www.darkreading.com/vulnerabilities---threats/hacking-the-zero-day-vulnerability-market/d/d-id/1141026
  • Robert Graham, notes on Wassenaar: http://blog.erratasec.com/2015/05/some-notes-about-wassenaar.html
  • Heartbleed discovery collision: http://readwrite.com/2014/04/13/heartbleed-security-codenomicon-discovery