Posts Tagged ‘0day-exploits’

Symantec CorpSymantec has conducted investigation into the attacks of “zero-day” (zero-day attack), received discouraging results: on average, hackers are able to unauthorized use of unknown vulnerabilities in a wide range of over 312 days or 10 months. Furthermore, the number and severity of these attacks in recent times only grow.

Exploit “zero day”, as the combination of a vulnerability, is not widely publicized, and the tools to exploit this vulnerability, an attacker in order to have great value for cybercriminals. Once the vulnerability becomes generally known, developers, and system administrators are beginning to work actively to block or neutralize the threat, then the next exploit “zero day” becomes almost useless to cybercriminals. (more…)

Symantec CorpZero-day vulnerabilities and exploits dominate headlines and most heated information security discussions.

Researchers at Symantec’s tried to assess how active attackers use 0day-vulnerability and what is the average “shelf life” of this vulnerability, before it becomes known to the public and vendors, which releases a patch.

Practical study of this kind can not, for obvious reasons, because 0day-vulnerability by definition are unknown. Malware is not detected by antivirus software. However, experts Symatec developed a method of automatic recognition of 0day-attacks after the fact, according to the statistics of real binary file downloaded by 11 million computers around the world in February 2008 to March 2011 year. They conducted an empirical study, some interesting results. Presentation was held two days ago at a conference Association of Computing Machinery. (more…)