Zero-day Vulnerabilities

(OBJ 2.3)

Zero-day Vulnerabilities

• Discovered or exploited before vendors issue patches
• Extremely destructive
• Example:
  • Flaw in the Windows OS without Microsoft being aware of that vulnerability
  • "I found a new way to break into something"

Zero-day Exploits

• Attacks that target previously unknown vulnerabilities
• Any unknown exploit in the wild that exposes a previously unknown vulnerability in the software or hardware

Zero-day

• Refer to the vulnerability, exploit, or malware that exploits the vulnerability
• Attack actually happens on day zero, or the first day that this malicious code is being discovered.
• In Zero-days, your system can be vulnerable for days, weeks, years since not even the developer knows about it

Zero-Day Exploits and Value

• Zero-day exploits are significant in the cybersecurity world and can be lucrative
  • Zero-day malware is a major threat
  • Cost a lot of money and a lot of time to develop
• Bug bounty hunters can earn money by discovering zero-day vulnerabilities
• Zero-days are also sold to government agencies, law enforcement, and criminals on the dark web
  • Sell for thousands, and millions of dollars
• Threat actors save zero-days for high-value targets, using generic malware for initial attempts
• An up-to-date antivirus can detect known vulnerabilities' exploitation
• Countries and nation states may stockpile zero-days for espionage and strategic operations