Skip to content

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Zero-day attack and exploits in Cybersecurity

License

Notifications You must be signed in to change notification settings

paulveillard/cybersecurity-zero-day

Repository files navigation

Zero-Day Attacks, Exploits, and Vulnerabilities

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Zero-day attack and exploits in Cybersecurity.

Thanks to all contributors, you're awesome and wouldn't be possible without you! Our goal is to build a categorized community-driven collection of very well-known resources.

Table of Contents

  • What is a Zero-Day Attack?
  • What Is a Zero-Day Exploit and Why Is it Dangerous?
  • Anatomy of a Zero-Day Attack
  • Who are the Attackers?
    • Targeted vs. Non-Targeted Zero-Day Attacks
  • Zero-Day Vulnerability Trends
  • Examples of Zero-Day Attacks
  • The Zero-Day Market
  • Zero Day Protection and Prevention
  • Zero-Day Attack Protection with Cynet

What is a Zero-Day Attack (Exploit)?

zero-day

A zero-day (also known as a 0-day) is a computer-software vulnerability previously unknown to those who should be interested in its mitigation, like the vendor of the target software.

  • Until the vulnerability is mitigated, hackers can exploit it to adversely affect programs, data, additional computers or a network.
  • An exploit taking advantage of a zero-day is called a zero-day exploit, or zero-day attack.

Software vendors continuously search for overlooked vulnerabilities and upon discovering such, issue a code fix also known as ‘patch’. However, a zero-day vulnerability is a software weakness that is found by attackers before the vendor has discovered the flaw.

zero-day-timeline

From time to time, vulnerabilities are discovered in computing systems. These vulnerabilities represent security holes that allow attackers to gain unauthorized access to, damage or compromise a system. Known vulnerabilities are documented in public repositories such as the National Vulnerability Database (NVD).

Both software vendors and independent security researchers are constantly on the lookout for new vulnerabilities in software products. When a vulnerability is discovered, it is the software vendor’s responsibility to quickly issue a patch that addresses the security issue – users of the software can then install the patch to protect themselves.

  • A zero-day (or 0-day) attack is a software vulnerability exploited by attackers before the vendor has become aware of it. At that point, no patch exists, so attackers can easily exploit the vulnerability knowing that no defenses are in place. This makes zero-day vulnerabilities a severe security threat.

zero-day lifecycle

  • Once attackers identify a zero day vulnerability, they need a delivery mechanism to reach the vulnerable system. In many cases the delivery mechanism is a socially engineered email – an email or other message that is supposedly from a known or legitimate correspondent, but is actually from an attacker. The message tries to convince a user to perform an action like opening a file or visiting a malicious website, unwittingly activating the exploit.

What Is a Zero-Day Exploit and Why Is it Dangerous?

A zero-day exploit is when an attacker leverages a zero-day vulnerability to attack a system. These exploits are especially dangerous because they are more likely to be successful than attacks against established vulnerabilities. On day zero, when a vulnerability is made public, organizations have not yet had a chance to patch the vulnerability, making the exploit possible.

Something that makes zero-day exploits even more dangerous is that some advanced cybercriminal groups use zero-day exploits strategically. These groups reserve zero-day exploits for use with high-value targets, such as medical or financial institutions, or government organizations. This reduces the chance that a vulnerability is discovered by the victim and can increase the lifespan of the exploit.

Even after a patch is developed, users must still update their systems. If they don’t, attackers can continue to take advantage of a zero-day exploit until the system is patched

Anatomy of a Zero-Day Attack

Who are the Attackers?

Zero-Day Vulnerability Trends

Examples of Zero-Day Attacks

The Zero-Day Market

Zero-Day Attack Protection with Cynet

Learn More About Zero-Day Attacks

^ back to top ^

License

MIT License & cc license

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

To the extent possible under law, Paul Veillard has waived all copyright and related or neighboring rights to this work.

About

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Zero-day attack and exploits in Cybersecurity

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published