Questions tagged [zero-day]

A zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability.

1 vote
1 answer
149 views

How to collect malicious URLs

I would like to obtain a list of malicious URLs for testing purposes and, if possible, would like to collect URLs of sites that exploit zero-day vulnerabilities. I want to collect malicious URLs to ...
Nine (reputation: 13)

2 votes
1 answer
331 views

Blocking outbound connections to mitigate CVE-2021-44228 log4j?

As I understand it, a successful exploit requires a connection to an external server to download a payload. If a device can't be patched or otherwise mitigated, does restricting its outbound access ...
poke (reputation: 375)

0 votes
0 answers
25 views

Zero day vulnerabilities & Cybersecurity Supply Chain Risk Management - how to move from a reactive posture to a proactive posture? [duplicate]

I refer to the Log4j logging framework vulnerability - Source: https://www.wired.com/story/log4j-flaw-hacking-internet/ Since software vulnerabilities are an inevitable part of life, and speed is of an ...
Nathan Aw

0 votes
3 answers
211 views

Instead of waiting for zero-day exploits to happen, how to preemptively find zero-day vulnerabilities in order to deter zero-day exploits?

Instead of waiting for zero-day exploits to happen, how to preemptively find zero-day vulnerabilities in order to deter zero-day exploits? There has to be a better way.
Nathan Aw

1 vote
1 answer
598 views

Are updated iOS devices vulnerable to NSO Pegasus?

The Trident memory zero-day, zero-click vulnerabilities (exploits critical to NSO Pegasus success) were supposedly patched on iOS by Apple: CVE-2016-4657, CVE-2016-4655, CVE-2016-4656. Android phones ...
hobs (reputation: 161)

-1 votes
1 answer
191 views

Using Artificial Intelligence (AI) to detect unauthorized code modification to reduce and to even stop zero-day exploits [closed]

Since the SolarWinds hack and the Hafnium attack involved some degree of unauthorized code modification (Orion DLL, creation of web shell), is it possible to use Artificial Intelligence (AI) built into the ...
Nathan Aw

9 votes
6 answers
4k views

A new programming paradigm (e.g., Rust) to reduce or end all zero-day vulnerabilities/exploits? [closed]

In view of the Hafnium and SolarWinds hacks, where multiple zero-day vulnerabilities were used to ultimately stage the hack and data exfiltration, would the use of memory safe programming languages ...
Nathan Aw

0 votes
0 answers
243 views

How to identify the usage of the Treck TCP/IP stack

In order to mitigate the potential exposure to the Ripple20 zero-day, I must identify the device/s that have the Treck TCP/IP stack installed. Can I do this with software like LanSweeper? Or must I check ...
Ion Stirba

-1 votes
1 answer
515 views

How to identify Treck TCP/IP library usage in a PC?

I was informed recently about the RIPPLE20 vulnerabilities. Can I identify the usage of a specific protocol on my PC or inside some application on a PC? I think that the first thing to do in these ...
Ion Stirba

3 votes
1 answer
5k views

PNG/JPG exploit

So I recently stumbled on multiple cases suggesting there's a JPG/PNG exploit which is able to silently execute malicious code when simply viewing the image? Just looking for some insight as to ...
user226594

9 votes
2 answers
903 views

How do I protect myself from Pegasus and similar malware?

I recently came across reports in the media that WhatsApp's services were exploited by the malware Pegasus for illegal surveillance of certain individuals. Pegasus, which exploits 0-day vulnerabilities, is ...
Firelord (reputation: 220)

2 votes
1 answer
593 views

How likely are Evince, XReader or Adobe Reader with scripts disabled, to be exploited by a malicious file?

PDFs are very commonly found on the web, and I carefully either view them on the browsers, or use readers without the capability to run the scripts that may come with them (shitty design choice) like ...
memememe (reputation: 131)

55 votes
3 answers
8k views

Where to disclose a zero day vulnerability [duplicate]

We discovered a vulnerability in a wide range of Ricoh printers, where with a simple PostScript file sent directly, it is possible to crash the device. To recover you need physical access to the ...
Matteo (reputation: 682)

-5 votes
1 answer
542 views

Honeypot for hunting browser zero-days, rootkits and malware [closed]

I would like to create a honeypot (bot) to hunt browser zero-days (and browser extensions). What is the best way to find those 0days automatically (I would like to create a sandboxed bot which would ...
Awaaaaarghhh

-1 votes
1 answer
413 views

How common is the usage of browser zero-days in the wild?

We have an overview with known but fixed vulnerabilities for these browsers: Google Chrome, Mozilla Firefox and Internet Explorer. Such lists exist for many other browsers too. We also have such ...
Awaaaaarghhh
