> 0-Day exploitation of PCs. How big is the team responsible for discovering / purchasing 0-day exploits?
Given the speculation that it was the US behind Stuxnet, this one is a cheap and easy one. The US has been buying up ready-made exploits for a good while now (there's a reason that the likes of Raytheon are hiring exploit devs left and right) and has nice stockpiles of them just ready and waiting for the likes of Stuxnet.
This is true because you heard it's true, or because you know it's true? Raytheon definitely has a lot of people on staff who are at least peripherally involved in vuln dev. That's not the same thing as having a staff full of exploit developers. You get peripheral involvement in vuln dev just by doing malware reversing, which is pretty low on the food chain, and something the government definitely (firsthand) spends money on.
I can also confirm that Raytheon is building up this capability (although less so than Northrop and Lockheed).
If you're curious what companies are actually committing to vulnerability dev you can search any cleared jobs site for "offensive"; the companies that have listings are who you'd imagine them to be (minus a couple placement firms that just put people right at the Fort).
At least three different people I know are significantly involved in that area. You probably know some of them too. I detest them for the ethics of it, and keep my distance as a result, but there's no question what they do and where the money comes from.