Questions tagged [zero-day]

A zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability.

105 questions
0 votes, 2 answers

Does CVE-2017-8759 impact the web service?

I saw lots of information on the impact to end-user PCs, but didn't see anything explaining the impact to the cloud service. If the issue is from the SOAP WSDL parsing, it seems like the web service can also be impacted, right? Looking forward to your…
William
0 votes, 2 answers

Security configurations to protect against 0-day exploits?

Let's say someone has sensitive information on their computer and is a potential target of 0-day exploits/attacks. Assuming that they follow conventional security advice (using a firewall, antivirus, encryption, and an updated operating system),…
0 votes, 0 answers

Can I use process crash information to detect buffer overflow attacks?

Buffer overflow is a very common vulnerability, often targeted with zero-day exploits. Successful attacks often result in arbitrary code execution, while failed attempts tend to crash the target program. ASLR makes this scenario even more common: in…
Dmitry Grigoryev
-1 votes, 1 answer

indicators of compromise via email servers

Malicious files are commonly infiltrated on to the network via email attachments. Besides awareness and education to my staff to refrain from clicking on suspicious attachments, I would also like to improve the security posture via technology. Are…
Pang Ser Lark
-1 votes, 1 answer

What is Satisfiability Modulo Theories

I came across this term called "Satisfiability Modulo Theories", which when I Googled it, was something that is related to various theories on low level languages. How does this help in discovering 0-days? I also saw people using something called…
-1 votes, 1 answer

How can I get confirmation of new security problem in struts2?

I just read about this new struts2 security problem. I want to tell our developers to patch it, but I wish for some more sources first. The only source he cites is in another language. I guess I could spend the better part of the day testing it,…
mcgyver5
-1 votes, 1 answer

Using Artificial Intelligence (AI) to detect unauthorized code modification to reduce and to even stop zero-day exploits

Since Solarwinds Hack and Hafnium attack involved some degree of unauthorized code modification (orion DLL, creation of web shell), is it possible to use Artificial Intelligence (AI) built into the very application (Solarwinds, Exchange Server)…
Nathan Aw
-1 votes, 1 answer

How to identify Treck TCP/IP library usage in a PC?

I was informed recently about the RIPPLE20 vulnerabilities. Can I identify the usage of a specific protocol on my PC or inside some application on a PC? I think that the first thing to do in these cases is to find the assets that can be influenced…
Ion Stirba
-1 votes, 1 answer

How common is the usage of browser zero-days in the wild?

We have an overview with known but fixed vulnerabilities for these browsers: Google Chrome, Mozilla Firefox and Internet Explorer. Such lists exist for many other browsers too. We also have such vulnerabilities which were never reported and also…
Awaaaaarghhh
-2 votes, 2 answers

Does Microsoft EMET protect against latest Hacking Team Adobe Flash 0-day exploit?

If I were to not update Adobe Flash and instead used the old version (from before the Hacking Team 0-day exploit was published on the internet), in that case, would Microsoft EMET protect me from the latest Hacking Team Adobe Flash 0-day exploit?…
vasili111
-3 votes, 2 answers

how are some vulnerabilities exploited?

Some zero-day vulnerabilities are exploited actively. How does this happen? How often does this happen? How do so many hackers get to know about the same vulnerability?
user119003
-3 votes, 1 answer

Are PDF zero-days still being widely used?

Even after all those patches for PDF programs, would you estimate that there are still many zero-days out there? If so, would you estimate that these zero-days are being widely used for various malicious purposes? Just trying to get a better sense…
CarlGammaSagan
-5 votes, 1 answer

How can mp3blaster vulnerability affect my linux OS?

Mp3blaster is a terminal mp3 player running a UNIX-like operating system, e.g. Linux, Free/Net/OpenBSD, etc. I usually use this player for playing my music, but yesterday I found a blog which claims that there is an exploitable 0day. 1) The…
Deus
-5 votes, 1 answer

Honeypot for hunting browser zero-days, rootkits and malware

I would like to create a honeypot (bot) to hunt browser zero-days (and browser extensions). What is the best way to find those 0days automatically (I would like to create a sandboxed bot which would visit websites and check if they are trying to…
Awaaaaarghhh
-6 votes, 2 answers

Where can I find a list of zero-day vulnerabilities?

I want to have a list of zero-day vulnerabilities. Could anyone introduce some site which announces them?
user56978