Hacking Team, a Milan-based company that sells intrusion and surveillance capabilities to governments and law enforcement, recently experienced a data breach in which 400 GB of data -- including multiple zero-day vulnerabilities and intrusion tools -- was leaked to the public. NSFOCUS announced today that researchers from its Threat Response Center (TRC) immediately initiated emergency response to prepare its clients against such Flash zero-day and other vulnerabilities. NSFOCUS TRC released an initial report on Hacking Team's Remote Control System (RCS) [ link ]. NSFOCUS TRC will soon issue an in-depth analysis report of this event as well as its solution to protect against such attacks.
The nature of the data released puts this breach on par with Snowden's leak of classified information from the NSA and WikiLeaks's disclosure of US military information.
Dangerous information: Leaked data included dangerous and potentially devastating information, including the source code of RCS software and the core of the data package; antivirus bypass analysis tools and related documents; zero-day vulnerabilities, other vulnerabilities and intrusion tools; and information about intrusion projects, including the account passwords, data, audio and video.
