Zero day actually refers to two things—a zero-day vulnerability or a zero-day attack.

There are different definitions of zero-day attacks. One defines the attack as attacks on vulnerabilities that have not been patched or made public, while others define them as attacks that take advantage of a security vulnerability on the same day that the vulnerability becomes publicly known. These threats are incredibly dangerous because only the attacker is aware of their existence.

A Zero-day vulnerability refers to a security hole in software—such as browser software or operating system software—that is yet unknown to the software maker or to antivirus vendors. Until the vulnerability is mitigated, hackers can exploit it to adversely affect computer programs, data, additional computers or a network.

IBM Logo

Researcher Discloses 4 Zero-Day Vulnerabilities in IBM Data Risk Manager

A cybersecurity researcher disclosed four zero-day vulnerabilities in IBM’s enterprise security software after the company refused to fix the issues and acknowledge the private disclosure report. The vulnerabilities affect the IBM Data Risk Manager software ― a tool that provides companies with “a business-consumable data risk control center that helps to uncover, analyze, and visualize data-related business…

Flera Zero-Day-sårbarheter i DVR: er från IP-videotillverkaren, LILIN, har utnyttjats av DDoS-botnets för att infektera sårbara enheter. LILIN DVR-sårbarheten

DDoS Botnets Utnyttjade Flera Zero-Day-Sårbarheter i LILIN DVRs

Flera Zero-Day-sårbarheter i DVR:er från IP-videotillverkaren, LILIN, har utnyttjats av DDoS-botnets för att infektera sårbara enheter. LILIN DVR-sårbarheten rapporterades först i maj 2019 och utnyttjades i mer än sex månader innan LILIN åtgärdade felet och släppte en firmware. Angripare använde DDoS-botnet för att attackera och utnyttja sårbarheten, för att uttrycka det enkelt. En distributed denial-of-service…

Zoho Logo

Zoho ManageEngine Zero-day Vulnerability Discovered and Fixed

A zero-day vulnerability is discovered in Zoho ManageEngine Desktop Central endpoint which could cause serious damage to customers if exploited. web-based office suite and SaaS provider, Zoho, was revealed to contain a zero-day vulnerability in the ManageEngine Desktop Central endpoint. ManageEngine Desktop Central endpoint is an endpoint management tool that helps managed service providers (MSPs)…

February patch tuesday

February 2020 patch tuesday: Microsoft patched 99 security flaws

Microsoft has released an update to patch 99 vulnerabilities on Windows and other Microsoft software. This includes 12 vulnerabilities flagged as Critical and 87 flagged as Important.  The update includes a patch for the zero-day memory-corruption vulnerability disclosed in late January that’s under active attack. The bug tracked as CVE-2020-0674 is a critical flaw for most Internet Explorer versions,…

microsoft-internet-explorer

Microsoft’s Internet Explorer zero-day workaround breaks printing

As reported earlier an unpatched zero-day vulnerability exists in Internet Explorer that is being exploited in targeted attacks. Microsoft still hasn’t released a patch for the vulnerability dubbed as CVE-2020-0674.  Although Microsoft suggested mitigation steps, there are a few problems that are left unsolved. Windows Media Player, Microsoft print to PDF, and local USB printers are all…