· 2020-03-24 · 가능하며, CDR은 Zero-Day 악성코드에 대응한 것이다. IV. Content 방화벽 기술 일반적으로 CDR은 보안 이메일
zero day exploits
-
Upload
adv-prashant-mali-bscphymsccomp-sci-ccfpcissallm -
Category
Documents
-
view
248 -
download
1
Transcript of zero day exploits
![Page 1: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/1.jpg)
Zero Day Exploits A Primer
Adv. Prashant Mali M.Sc.(Computer Science),LLM
Cyber Law & Cyber Security ExpertAttorney
![Page 2: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/2.jpg)
A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack.
What is a zero day vulnerability ?
![Page 3: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/3.jpg)
• Every organization is at risk for zero-day exploits regardless of size.
• These exploits will often circulate for months until the vulnerability is made public, leaving organizations unprotected.
• The goals of these exploits include, but are not limited to, monitoring of the target’s operations, theft of secrets, and production disruption.
• These exploits are often designed or purchased for those specific purposes by various organizations including governments and organized crime.
Characteristics of Exploits
![Page 4: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/4.jpg)
Demand of Exploits
• There is currently more demand in the market for zero-day exploits than there is supply which makes the business of selling these exploits lucrative
(Bilge & Dumitras, 2012).
![Page 5: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/5.jpg)
Detection of an Exploit
• The longer the exploit goes undetected, the more lucrative the exploit.
• The average exploit goes undetected for 312 days permitting the harmful purpose of the exploit to affect many organizations
(Bilge & Dumitras, 2012).
![Page 6: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/6.jpg)
Life Span of a Zero-Day Exploit
• There is a finite life time of all zero-day exploits.• The closer the life span of a zero-day exploit is to zero, the less time it has to cause damage across various organizations.
• Once a zero-day exploit has been made public and patches are made available to correct the vulnerability, the exploit is considered preventable and technically is just an exploit versus a zero-day exploit.
![Page 7: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/7.jpg)
![Page 8: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/8.jpg)
![Page 9: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/9.jpg)
![Page 10: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/10.jpg)
![Page 11: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/11.jpg)
![Page 12: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/12.jpg)
![Page 13: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/13.jpg)
Protecting - Zero Day Exploits
1.Update your Operating System Regularly
2.Install strong antivirus software3.Keep your applications updated4.Use secure Browsers5.Download things from reputed sources6.Remain updated about happenings about vulnerabilities
![Page 14: zero day exploits](https://reader035.fdocument.pub/reader035/viewer/2022081422/58adf9be1a28abf0628b58e1/html5/thumbnails/14.jpg)
Thank you
Advocate Prashant Maliwww.prashantmali.com
@CyberMahaGuru
All Image Source : Bromium