Story

French security company VUPEN denies the leakage of 130 zero day exploits

Today rumors were circeling the internet that the French security company has been breached.

The security company VUPEN searches for zero day exploits in software. The zero day information then gets sold to their paying clients - which they can use for their own purposes.

Denied

The CEO Chaouki Bekrar said that the messages are not true. He let the world know via Twitter that the hackstory is fake.

To make things very clear, the imaginary compromise story is just bullshit, nothing happend at all. Sorry to the trollers :-]

Zero Day exploits

Zero-day attacks occur during the vulnerability window that exists in the time between when a vulnerability is first exploited and when software developers start to develop a counter to that threat.

For viruses, Trojans and other zero-day attacks, the vulnerability window follows this time line:

  • The developer creates software containing an unknown vulnerability
  • The attacker finds the vulnerability before the developer does
  • The attacker writes and distributes an exploit while the vulnerability is not known to the developer
  • The developer becomes aware of the vulnerability and starts developing a fix.

Vupen Security

VUPEN is the leading provider of defensive and offensive cyber security intelligence and advanced vulnerability research.

VUPEN's offensive IT intrusion solutions and government grade exploits enable the Intelligence community and government agencies to achieve their lawful intercept missions using VUPEN's industry-recognized vulnerability research and intelligence.

VUPEN's defensive security research enables governments and corporations to measure and manage risks, eliminate vulnerabilities before they can be exploited, and protect critical or national infrastructures and assets against known and unknown exploits and cyber threats.

VUPEN customers include worldwide governments and major corporations in finance, technology and manufacturing.