Questions tagged [zero-day]

A zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability.

105 questions
168 votes, 4 answers

What does it mean to "burn a zero-day"?

I noticed a comment on this answer where another user said ...but it requires risking burning a 0day, which people are not always all that willing to do. I did an Internet Search for the phrase "burning a 0day" (and similar permutations like 0…
YetAnotherRandomUser
96 votes, 7 answers

Why would an attacker ever want to sit on a zero-day exploit?

I am trying to understand why an attacker would want to wait to use a zero-day exploit. I have read that an attacker does not want to waste the zero-day because they are typically very expensive to obtain in the first place, but it is not clear to…
jonem
55 votes, 3 answers

Where to disclose a zero day vulnerability

We discovered a vulnerability in a wide range of Ricoh printers, where with a simple PostScript file sent directly, it is possible to crash the device. To recover you need physical access to the printer and an administration account to clear the queue…
Matteo
53 votes, 2 answers

How are zero days found?

I believe that it was leaked recently that the NSA has a long list of zero day exploits on various software "for a rainy day," i.e., for whenever it would be useful to them. The question is, how do they find these zero days? Does someone have to…
Naftuli Kay
32 votes, 1 answer

What is an n-day security attack?

There are several attack types in computer security. For instance, zero-day attacks consist of attacks that use undisclosed exploits. In contrast, what is an n-day attack? Is it a security concern?
Vijini
29 votes, 9 answers

How can an administrator secure against a 0day before patches are available?

I'm working on a thesis about the security hacker community. When a 0day is published, how can an administrator secure his application/website between the time the 0day is published and the patch is developed? Moreover, most of the time, this same…
K.Fanedoul
28 votes, 6 answers

Heartbleed and Routers/ASAs/other

OK, so I first heard about Heartbleed a few hours ago through the Stack Exchange questions feed, and after a moment's panic, realised that the only web servers I have secured via OpenSSL are on the internal network. Patched anyway, but now I have…
Chris O'Kelly
27 votes, 2 answers

How do big cloud providers guard against VM escape attacks?

I think it's pretty much unassailable to say that cloud computing as we know it depends on the concept of the robustness of virtual machines. Where one can depend on the security of VMs they allow workloads from multiple customers of a cloud…
mostlyinformed
24 votes, 3 answers

Should I be disabling Java?

First it was Apple, now it's the US government... U.S. urges users to disable Java; Apple disables some remotely New malware exploiting Java 7 in Windows and Unix systems How serious is this "unspecified vulnerability"? Should all users be…
Django Reinhardt
23 votes, 4 answers

How to subscribe to information about new vulnerabilities in selected products?

In order to be informed about critical vulnerabilities in selected products I'd want to subscribe to some list about them. I'd want to configure the list of products by myself. The question: Where can I get security breach alerts? gives information…
Andrei Botalov
22 votes, 5 answers

What are the best practices for mitigating zero day attacks?

What are best practices / recommendations / strategies for mitigating zero day threats/attacks from a software development perspective?
Eric Warriner
20 votes, 2 answers

What was behind the surge of Adobe Flash Player vulnerabilities/patches in 2015?

It's no secret that 2015 was a rough year, security-wise, for Adobe's Flash Player. Aside from Adobe itself beginning to essentially deprecate Flash development largely due to Flash Player's longstanding status as a primary target for attackers, the…
mostlyinformed
19 votes, 4 answers

Unknown malware, how to report it and whom to report it to?

I'm a professional Windows system administrator, but I've been caught off-guard (or maybe some malware writer has been very clever) and I caught some unknown malware on my home computer (Windows 7 x64 SP1); it must be a very recent one and/or of a…
Massimo
16 votes, 3 answers

If I find or create a 0day exploit, can I be held liable for releasing out to the public?

If I found or created a 0day and decided to immediately release it into the wild (Giving a P.o.c w/ source). But not using it to actually exploit anything. Can I be held liable for it?
Digital fire
13 votes, 1 answer

SCADA / PLC exploit code was released in metasploit. Now what?

Wired reports that there are many security issues with Programmable Logic Controllers (PLCs) and now there is an easy to use tool to scan and detect vulnerabilities. They say it's so easy, the update for Metasploit makes it analogous to Firesheep…
makerofthings7