Zeroed In – Zero-Day Attacks

If you are familiar with programming, you know that zero ([0]) is usually the starting index of an array; this is called zero-based numbering. What does that have to do with Zero-Day Attacks?

Similarly, Zero-Day Attacks are “Zeroed In” on a certain vulnerability, with one small twist: they happen at the vulnerability’s starting point.

If the “life span” of a vulnerability is compared to an array, then Zero-Day events take place at position [0]. Let’s expand on that.

What are Zero-Day Attacks?

Here is another example that illustrates the situation a little better.

Imagine that something you hold dear is inside a house, and someone has a key to that house without you knowing! Not only that, there was no door before, meaning that the “Breakthrough point” wasn’t even there and was created the moment the vulnerability was found!

Zero-Day Attacks work exactly like that: the attacker finds a vulnerability (also called a Zero-Day Vulnerability) in the walls surrounding your assets, then finds a way to exploit it, and sends a payload as a means of proof.

But wait, does he? Because in these events only the attacker knows about the vulnerability, we hit a crossroads, where one of several things can happen:

  • The hacker will keep this new “Discovery” to himself, won’t report it, and will basically do nothing (unlikely).
  • The hacker will report it to the authority responsible for securing the asset, usually expecting some sort of reward or a job interview (Gray Hat).
  • The attacker will sell what he just found to the highest bidder, meaning that at this moment only 2 people know about the vulnerability. If the buyer is the one who initiates the attack, there is a chance that the person who originally found it won’t be “connected” to the event, which acquits him of this crime.
  • The last option (and probably the least likely one) is that the hacker simply “releases” the vulnerability and spreads it all across the web. In these cases, the motive is usually social (such people are also called Hacktivists).

Fun Fact:

Did you know that Kayran’s Web Application Vulnerability Scanner can analyze and predict Zero-Day Attacks by detecting potential Zero-Day Vulnerabilities and building payloads that Kayran has created during the scan?!

And remember, no one likes surprise parties, especially not in the Cybersecurity field (confirmed).

Stay safe, choose Kayran.
