US Navy Caught while trying to buy Zero-days Exploits

Share it:
You heard that cyber criminals are selling or buying exploits on/from the under ground markets. And sometimes you also read about the government snooping agency like NSA and GCHQ were buying Zero-Days exploit from the hackers to exploit the particular software and have a backdoor in it.

But here is something different, US Navy were caught red handed by Electronic Frontier Foundation (EFF), while trying to buy Zero-Days exploits for number of popular software's.

The Electronic Frontier Foundation (EFF) has spotted the US Navy publicly soliciting people to sell security vulnerabilities to well-known software. It seems that the US Navy was also buying the Zero-days as NSA, to build backdoors into the software

On of the government website, FedBizOpps - listed the offer for buying Zero-days, [which is now deleted, after EFF highlighted it]. One of the post of the website reads -
“the US government needs to have access to vulnerability intelligence, exploit reports and operational exploit binaries affecting widely used and relied upon commercial software”.
EFF preserved the post which mentions that the US Navy wanted to buy Zero-days in various software packages belonging to Microsoft, Adobe, Android, IBM, Apple, EMC, Cisco, Linksys, Linux, EMC and Java. The PDF grab is given below :
On the blog post EFF says -
“The Navy tried to send this particular solicitation down the memory hole, but we’re hopeful that through our FOIA suit, we can shed more light on the conflict between the government’s public statements and its apparent practices surrounding its stockpiling of zero-days.”
Share it:

News

NSA

Security

Post A Comment:

0 comments:

Follow by Email