"But it needs to be clear, patches are not a solution to zero-day vulnerabilities, simply a solution to known ones." "The patching of vulnerabilities is a huge issue by itself," he said. Dealing with them requires companies to put in multilayered defenses.

"Zero days are a real threat, although hyped as a buzzword right now," Evron said. "A zero-day is a vulnerability the public does not know about and is used to attack in the wild," he said. "The problem is one of terminology," said Gadi Evron, security evangelist for Israel-based Beyond Security and a member of the recently formed Zeroday Emergency Response Team.

"It's time to put the emphasis back on the unknown attacks out there." "Somewhere along the line, our definition of a zero-day attack got changed" to mean only those vulnerabilities that have been made public, Shimel said. The definition of zero-day exploits does not generally include unknown vulnerabilities that also exist and are already being quietly exploited. "People now think of zero day as the time when a vulnerability becomes known to when a patch becomes available," Shimel said, adding that companies still tend to rely on patches and similar fixes to address the problem.

Typically, such flaws are discovered only after they have been successfully exploited in an attack and are much harder to detect and stop using most standard anti-malware tools, he said. While that danger is obvious, it is equally important that companies remain on guard for undisclosed vulnerabilities or "less than zero-day" flaws that are unknown to anybody but attackers, Shimel said.