EXECUTIVE SUMMARY

 

Hacking Team is an Italian company that provides security services and tools to governments and law enforcement organizations.

 

The company experienced a data breach on Monday, July 6th, resulting in 400 GB of its documents being leaked.

 

Source code stolen from Hacking Team has revealed new zero day vulnerabilities in Windows and Adobe Flash.

 

Check Point has just released two new IPS protections to address these new vulnerabilities.

 

DESCRIPTION

Hacking Team Hacked

  • The cybersecurity firm Hacking Team appears to have itself been the victim of a hack, with documents that purport to show it sold software to “repressive” regimes being posted to the company’s own Twitter feed.
  • The Italy-based company offers security services to law enforcement and national security organizations. It offers legal offensive security services, using malware and vulnerabilities, to gain access to targeted networks.
  • According to the documents, 400GB of which have been published, Hacking Team has also been working with numerous “repressive” governments – something it has previously explicitly denied doing.

New Zero Days Vulnerabilities Revealed

  • The Adobe Flash exploit can mark injected code as executable – which is then called and can execute various actions.
  • The Windows Kernel vulnerability can be used to elevate an attacker’s privileges to administrator level, allowing more damage or surveillance to be carried out. It can be chained with the aforementioned Flash zero-day to first execute code as a user and then gain more powers to fully hijack the system.

 

CHECK POINT IPS ZERO DAY PROTECTIONS

Check Point protects its customers from these zero day vulnerabilities with the following IPS protections:

 

REFERENCES

http://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim http://www.theregister.co.uk/2015/07/07/hacking_team_zero_days_flash_windows_kernel/


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Please complete the equation to verify your submission. * Time limit is exhausted. Please reload the CAPTCHA.