Scribd
Upload
132 views16 pages

Zero Day Expliot

This document discusses zero-day exploits, which target unknown software vulnerabilities before vendors can create patches. It defines a zero-day exploit as an attack on an unpatched vulnerability, explains that they are called "zero-day" because developers have zero days to address the issue, and describes how attackers find and exploit these vulnerabilities to infect systems with malware or steal data. Examples of past zero-day attacks are provided, and mitigation strategies include patching quickly, using anti-malware software, firewalls, and security awareness.

Uploaded by

krammy dump
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
132 views16 pages

Zero Day Expliot

This document discusses zero-day exploits, which target unknown software vulnerabilities before vendors can create patches. It defines a zero-day exploit as an attack on an unpatched vulnerability, explains that they are called "zero-day" because developers have zero days to address the issue, and describes how attackers find and exploit these vulnerabilities to infect systems with malware or steal data. Examples of past zero-day attacks are provided, and mitigation strategies include patching quickly, using anti-malware software, firewalls, and security awareness.

Uploaded by

krammy dump
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

CYBERATTACK

ZERO DAY
EXPLOIT
BY:
MARK REYES MARY JOY DIZON RAMUEL MERCADO
BY CLAUDIA ALVES
CYBERATTACK

CONTENTS
WHAT IS ZERO DAY EXPLOIT? WHY IS IT CALLED "ZERO DAY EXPLOIT"?

HOW DOES ZERO DAY EXPLOIT WORKS? EXAMPLE OF ZERO DAY ATTACK

HOW TO MITIGATE ZERO DAY ATTACK?


CYBERATTACK

WHAT IS ZERO DAY EXPLOIT?


A zero-day exploit is a cyber attack targeting a software vulnerability which is unknown to
the software vendor or to antivirus vendors. The attacker spots the software vulnerability
before any parties interested in mitigating it, quickly creates an exploit, and uses it for an
attack.
CYBERATTACK

WHY IS IT CALLED ZERO DAY EXPLOIT?


The term "zero-day" refers to the fact that the vendor or developer has only just learned of
the flaw – which means they have “zero days” to fix it. A zero-day attack takes place when
hackers exploit the flaw before developers have a chance to address it.
CYBERATTACK

HOW DOES ZERO DAY EXPLOIT WORKS?


Zero-day exploits work by taking advantage of vulnerabilities in software applications or web
server that are not yet known to developers. Attackers typically find these vulnerabilities
through careful analysis of software code or by purchasing information about the
vulnerability from the other hackers or cyber criminals.

Attackers use social Attackers steal


Software or server Attackers exploit
engineering or sensitive data from
containing a zero- the zero-day
other techniques to the infected
day threat is vulnerability to
infect a system with systems or plan for
released create malware
the malware more attacks
CYBERATTACK

Zero-Day
Vulnerabilities

Zero-Day
Exploit

Zero-Day
Attack
CYBERATTACK

Zero-Day
weakness that hadn't been discover
Vulnerabilities

Zero-Day
Taking advantages of the vulnerabilty
Exploit

Zero-Day
Attack Use of the exploit to cause harm
CYBERATTACK

EXAMPLES

ZOOM

Clients vulnerable to a UNC path injection

Send UNC path link


CYBERATTACK

EXAMPLES

MICROSOFT WORD

Microsoft support Diagnostic Tool


CYBERATTACK

EXAMPLES

MICROSOFT WORD

Microsoft support Diagnostic Tool


CYBERATTACK

EXAMPLES
CYBERATTACK

EXAMPLES

MICROSOFT WORD

Microsoft support Diagnostic Tool

Execute commands through code


CYBERATTACK

EXAMPLES

https://www.youtube.com/watch?v=7g0pi4J8auQ
CYBERATTACK

EXAMPLES

STUXNET

Cut off the internet

Targeted the hardware


CYBERATTACK

HOW TO MITIGATE ZERO DAY ATTACK?

Patching

Anti-malware

Firewalls

Awareness

You might also like