fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Zerodium Triples WordPress Remote Code Execution Exploit Payout

Zerodium Triples WordPress Remote Code Execution Exploit Payout

Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution.

The exploit acquisition platform is now enticing exploit developers and sellers with a $300,000 payout, three times more than the regular price.

Short-term bump

The company announced in a tweet today that the current is temporary, without revealing an expiration date or a reason for this decision.

Exploit developers or sellers incited by the new payout should consider the eligibility terms as Zerodium is willing to pay for code that works with the latest version of WordPress.

As is the case with premium exploits, this one should work on a clean installation of WordPress with the default configuration without requiring authentication or user interaction.

This means that leveraging bugs in third-party plugins, no matter how popular and widespread, makes the exploit ineligible.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

source: Zerodium

BleepingComputer reached out to Zerodium for further information regarding this announcement and will update the article when we get it.

Zerodium is one of the best-known exploit brokers on the market, either by developing them in-house or acquiring them from developers.

The company is looking for premium zero-day exploits and is open about the payouts it offers, being the first in this business to publish a pricing chart the year it launched.

Over the years, Zerodium has expanded the list of products, acquiring exploits not just for operating systems and web browsers but also for web servers, email servers, web panels and apps, as well as research and techniques related to certain technologies (WiFi/Baseband, antivirus, routers/IoT, Tor deanonymization, mitigation bypasses).

The broker also updated its payouts and announced larger bounties for Android zero-day exploits than for iOS. Those prices still stand, with the price for Android full chain with persistence zero-click exploits reaching up to $2.5 million, compared to the $2 million for the iOS equivalent.

Also Read: Data Protection Officer Singapore | 10 FAQs

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us