A zero-day attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, one that developers have not had time to address and patch. There are zero days between the time the vulnerability is discovered (and made public) and the first attack.
Zero-day vulnerabilities are vulnerabilities against which no vendor has released a patch. The absence of a patch for a zero-day vulnerability presents a threat to organizations and consumers alike, because in many cases these threats can evade purely signature-based detection until a patch is released.
The unexpected nature of zero-day threats is a serious concern, especially because they may be used in targeted attacks and in the propagation of malicious code.
FireEye has demonstrated unparalleled capabilities finding zero-day exploits that are “in the wild,” meaning the vulnerability is being used by criminals and threat actors for malicious purposes.
In 2013, FireEye discovered 11 zero-day exploits that were actively in use by advanced threat actors and has already discovered an additional two in 2014. Zero-day exploits already in use by APT actors represent the most critical cyber threat to the CISOs of organizations.
Even if APT actors do not target an organization, other criminal exploit authors will often reverse the zero-day exploit and create their own version before patches can be released.
FireEye examines data from over 2 million virtual machines located in every corner of the globe, resulting in near-instantaneous threat intelligence and threat metrics being captured in its Dynamic Threat Intelligence™ (DTI) cloud.
This intelligence allows FireEye to evaluate the entire attack life cycle, or “kill chain,” of an attack and view the behaviors of the attacker. FireEye examines all of the tools, tactics and procedures (TTPs) used by attackers to create an initial compromise, establish a foothold, escalate privileges, conduct internal reconnaissance, move laterally, maintain persistence, and finally complete their mission.
Security research community by sharing detailed, comprehensive views on attack lifecycles, for example in Operation Ephemeral Hydra.
Defense strategy encompasses all malicious activities you may find on your network or on your endpoints, including those that leverage zero-day vulnerabilities and those that do not.