Wednesday, July 7, 2021

Cyber Security | Zero-day attack

Zero Day Vulnerability

A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched by the developer or software engineer. Because the vulnerability is exposed before security researchers and software developers become aware of it, and before they can issue a patch, zero-day vulnerabilities pose a higher risk to users. An exploit that attacks a zero-day vulnerability is called a zero-day exploit.

Zero-day vulnerabilities can arise in many ways and can be challenging to detect: missing data encryption, missing authorization checks, broken algorithms, bugs, problems with password security, and so on. Because of the nature and variety of these vulnerabilities, complete information about a zero-day exploit is usually available only after the exploit has been identified.

One simple detection technique is to watch the behaviour of the system, whether it is a database, operating system, browser, application or other software. When you notice a difference from its normal behaviour, you can assume there is some gap or issue. You then need to analyse all the traffic, packets, packet sources, attacks and log details.
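As an added illustration of this baseline-and-deviation idea (example code, not from the original post), the following Python script profiles a window of "normal" connection logs and then flags two kinds of departure in a later window: a process/port pair never seen before, and a process connecting far more often than its baseline. The log format, host name, process names and addresses are all constructed for the example.

```python
from collections import Counter

# Assumed log format (not from the post): "<time> <host> <process> <dest_ip>:<port>".
# Constructed baseline window: ordinary activity recorded on one workstation.
BASELINE = """\
10:00:01 ws01 outlook.exe 203.0.113.10:443
10:00:05 ws01 chrome.exe 198.51.100.7:443
10:01:02 ws01 outlook.exe 203.0.113.10:443
10:01:30 ws01 chrome.exe 198.51.100.8:443
10:02:11 ws01 teams.exe 203.0.113.22:443
""".splitlines()

# Constructed later window: one process/port pair never seen before, plus a
# burst of chrome.exe connections well above its baseline count.
WINDOW = [
    "11:00:01 ws01 outlook.exe 203.0.113.10:443",
    "11:00:03 ws01 winword.exe 192.0.2.55:8080",
] + [f"11:00:{s:02d} ws01 chrome.exe 198.51.100.7:443" for s in range(5, 12)]

def parse(lines):
    """Split each line into (host, process, dest_ip, dest_port)."""
    events = []
    for line in lines:
        _, host, proc, dest = line.split()
        ip, port = dest.rsplit(":", 1)
        events.append((host, proc, ip, int(port)))
    return events

def build_baseline(lines):
    """Profile 'normal': (host, process, port) pairs seen, and per-process counts."""
    events = parse(lines)
    seen_pairs = {(h, p, port) for h, p, _, port in events}
    per_process = Counter((h, p) for h, p, _, _ in events)
    return seen_pairs, per_process

def find_deviations(baseline, lines, burst_factor=3):
    """Flag pairs absent from the baseline and processes whose connection
    count in this window exceeds burst_factor times their baseline count."""
    seen_pairs, per_process = baseline
    events = parse(lines)
    findings = []
    for h, p, ip, port in events:
        if (h, p, port) not in seen_pairs:
            findings.append(f"{h}: {p} -> {ip}:{port} never seen in baseline")
    for (h, p), n in Counter((h, p) for h, p, _, _ in events).items():
        base = per_process.get((h, p), 0)
        if base and n > burst_factor * base:
            findings.append(f"{h}: {p} made {n} connections vs baseline {base}")
    return findings

if __name__ == "__main__":
    print("\n".join(find_deviations(build_baseline(BASELINE), WINDOW)))
```

Each finding is only a prompt to look closer at the traffic and logs, as the paragraph above describes; the thresholds and the baseline window must be tuned to the system being watched.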

Some examples of zero-day vulnerabilities:

  • Chrome zero-day vulnerability: 2021
  • Zoom app vulnerability: 2020
  • Microsoft Word vulnerability: 2017
  • Stuxnet: 2010
  • Apple iOS: 2020
  • CVE-2019-2215, kernel privilege escalation: 2019
  • Aurora: 2010
  • DNC hack: 2019
  • Sony zero-day attack: 2014
  • RSA zero-day attack through Adobe Flash Player: 2011
  • Adobe Reader zero-day flaw (CVE-2021-28550): 2021
  • Netgear routers
  • Firefox zero-day

Preventing a zero-day attack is very difficult; however, some best practices can help, such as:

  • Adopt advanced email security
  • Keep your software and patches up to date by using the latest releases
  • Use a web application firewall for real-time scanning of incoming packets
  • Use a host-based intrusion prevention system (HIPS)
  • Implement network access control to prevent unauthorized access
  • Use the IPsec protocol to encrypt all traffic
  • Use a secure and private browser
  • Block pop-ups
  • Disable third-party cookies
  • Use a reliable antivirus and internet security suite on home systems
  • Adopt good personal online security habits

If you have further suggestions, please post a comment.

Thanks

-DR

