Questions tagged [zero-day]

A zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability.

105 questions
3 votes, 2 answers

As a user, how can I defend myself from disclosed unpatched zero-day vulnerabilities?

In the wake of the Hacking Team breach on July 6th, 2015 [1] [2] I heard that some previously unknown zero-day exploits might surface (apparently one for Flash already has). Once these exploits become public knowledge and before a patch that fixes…
Federico
3 votes, 1 answer

At what criteria should an unpatched machine be considered hacked?

Since every machine connected to the Internet requires security patches, there is a window of time in which those updates have been released and those machines haven't yet been patched. It is common practice to assume if you do the patch "quick…
makerofthings7
3 votes, 2 answers

Where do I get started in terms of learning how to exploit Java and Flash vulnerabilities? or browser exploitation in general

Another Java 0day was discovered today which got me thinking how browser exploitation (remote execution on client's browser) works. I am unable to find any books or resources online about browser exploitation, I can code and know how to use a…
Kush
3 votes, 1 answer

How does one test AV against zero-day malware?

Lately, I've read several articles about anti-malware software and one thing caught my eye - ability to detect zero-day attacks. In short - how does anti-malware / anti-virus industry test their own software against zero-day threats? How can someone…
StupidOne
3 votes, 1 answer

Png/JPG exploit

So I recently stumbled on multiple cases suggesting there's a JPG/PNG exploit which is able to silently execute malicious code when simply viewing the image? Just looking for some insight as to whether this vulnerability requires the user to open…
user226594
3 votes, 1 answer

Do companies shop for 0-days on black markets to fix them?

Is it known for software development companies to shop for 0-day vulnerabilities on black markets in order to burn them? Microeconomics tell me "no", as some sources claim that 0-days are short in supply, thus really expensive these days due to…
vadkou
3 votes, 2 answers

Percentage of 0-day vulnerabilities used as vectors for infections?

I chose that title, but there are probably several ways to ask this question. It's all about understanding how a computer (especially desktop, but you could generalize this to servers I guess) can get infected if it's always up to date (daily…
reed
3 votes, 1 answer

How does brainstorming look like for a team like Google's "Project Zero"

The question is not necessarily about technical details but more broad. I'm fascinated by the creativity involved in this process. Since the news of Meltdown/Spectre I was wondering: How do teams like Project Zero come up with ideas to find 0-day…
NoRyb
3 votes, 2 answers

Struts2.3 Zero Day attack exploited: CronJob getting created

Can someone help understand what exactly is being done through this attack. I was using Struts2.3 in Jboss5 environment. I had some crontabs installed, which went missing instead these two lines are seen in crontab. #*/20 * * * * wget -O - -q…
3 votes, 1 answer

Suddenly scans for 'formvars.php'

Suddenly, starting from about yesterday-evening (gmt+2), I get lots of -what I suspect are- 'hits' from bots that are looking for variations of this file: /somerealpath/includes/formvars.php I'm curious to know what this is, and why so suddenly these…
Nanne
3 votes, 1 answer

Media files : how to protect from 0-day?

I am in the following situation: media files (image, audio, video) are uploaded from untrusted sources and made public to visitors. What are the best practices for handling these potentially malicious files before they are served to users (to reduce…
msec24
3 votes, 2 answers

How to demo a new 0-day security product?

We are a development team working on a new 0-day protection security product. We aim to protect against new unknown 0-days attacks against servers. We have a very strong solution ready to demo. The question is: how do you demo such a product ??? If…
O A
2 votes, 1 answer

Apache Partial HTTP Request Denial of Service Vulnerability

One of our clients scanned our site and shared the following Qualys vulnerability. "Apache Partial HTTP Request Denial of Service Vulnerability - Zero Day " We are using "Ubuntu 12.04.5 LTS" with Apache/2.2.22. We have implemented lots of options, mentioned…
Mudasar Yasin
2 votes, 0 answers

Information on the Elderwood Project/Platform

I've read Symantec's whitepaper on the Elderwood Project and the blog update on the Elderwood Platform. They both make for a very interesting read, especially in the zero-day exploit meta-analysis that found the Elderwood Platform. Does anyone know…
2 votes, 2 answers

How much are 0-days worth?

I got discussing this topic with someone recently and we couldn't reach a consensus so I thought I should ask here. There are commonly thrown around figures regarding the cost of buying a remotely-executable 0-day for IOS, Android, Windows etc.…
NULLZ