SlideShare a Scribd company logo

Zero-day Vulnerabilities

A
alihassaah1994

are security vulnerabilities found in systems and software that have not yet been patched. This means developers don't know it exists, giving attackers the opportunity to exploit it before an update is released to plug it

Internet
1 of 11
Download to read offline
Zero-day vulnerabilities KIRKUK UNIVERSITY COLLEGE OF COMPUTER SCIENCE & INFORMATION TECHNOLOGY PERPETRATE BY: ALI H. AHMED SUPERVISOR DR. AHMED CHALAK SHAKIR 26 MARCH 2024
Outline  What is a Zero-day Vulnerabilities  Reasons for the appearance of zero-day vulnerabilities.  Impacts of zero-day exploits on cybersecurity  Life cycle of a zero day  Practical examples of attacks that took advantage of zero-day vulnerabilities  Recognition and prevention techniques  Conclusion  References 2
What is a Zero-day Vulnerabilities? 3 • are security vulnerabilities found in systems and software that have not yet been patched. This means developers don't know it exists, giving attackers the opportunity to exploit it before an update is released to plug it. • Zero-day means "zero day", meaning that there are "zero" days between the discovery of the vulnerability and its exploitation. • Developers do not have any information about this vulnerability, which makes it difficult for users to protect themselves from attacks that exploit it.
Reasons for the appearance of zero-day vulnerabilities. 4 zero-day vulnerabilities Errors in design or programming The vulnerability was not discovered by the developers Exploitation of the vulnerability by hackers Not updating software Software complexity
Impacts of zero-day exploits on cybersecurity 5 zero-day Data theft Disable systems Access to sensitive infrastructure Undermining trust in digital systems High costs
Life cycle of a zero day 6 Discovery Weaponization Exploitation Disclosure Patching User Update Decline
Practical examples of attacks that took advantage of zero-day vulnerabilities 7 T Attack Target attack The attack exploited a vulnerability 1 Stuxnet Iranian nuclear facilities in 2010 In Windows to access facility control systems 2 Heartbleed OpenSSL servers in 2014 The attack allowed attackers to steal sensitive data from affected servers 3 WannaCry Windows PCs in 2017 In Windows to spread ransomware 4 SolarWinds Software vendors in 2020 In Orion infrastructure management software to provide attackers with access to customer networks. 5 Log4j Many companies and governments in 2021 In the Log4j scripting library to provide remote access to attackers
Recognition and prevention techniques 8 Recognition •Penetration testing •Gap analysis •Network monitoring •Malware analysis tools prevention •Use anti-virus and anti- malware software •Be careful when using the Internet •Update software regularly •Educate users about the dangers of Zero-day vulnerabilities •Develop an incident response plan
Conclusion  A good understanding of Zero-Day Vulnerabilities is vital to data security.  Let us encourage more research and awareness in this area.  Together, we can build a safer and more reliable digital environment. 9
References  https://www.kaspersky.com/blog/nokoyawa-zero-day-exploit/47788/  https://en.wikipedia.org/wiki/Zero-day_%28computing%29  https://www.techrepublic.com/article/what-is-a-zero-day-vulnerability/  https://chat.openai.com/  https://gemini.google.com  https://www.balbix.com/insights/what-is-a-zero-day-exploit/ 10
Zero-day Vulnerabilities

Recommended

Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...DevOps Indonesia
 
Turning the Tables on Cyber Attacks
Turning the Tables on Cyber AttacksTurning the Tables on Cyber Attacks
Turning the Tables on Cyber Attacks- Mark - Fullbright
 
What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...
What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...
What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...uzair
 
Malware
MalwareMalware
MalwareSetiya Nugroho
 
Research Paper
Research PaperResearch Paper
Research PaperDavid Chaponniere
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat ModelingMiriam Celi, CISSP, GISP, MSCS, MBA
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 

Recommended

Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...DevOps Indonesia
 
Turning the Tables on Cyber Attacks
Turning the Tables on Cyber AttacksTurning the Tables on Cyber Attacks
Turning the Tables on Cyber Attacks- Mark - Fullbright
 
What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...
What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...
What is a Zero-Day Exploit Understanding the Threat of Unknown Vulnerabilitie...uzair
 
Malware
MalwareMalware
MalwareSetiya Nugroho
 
Research Paper
Research PaperResearch Paper
Research PaperDavid Chaponniere
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat ModelingMiriam Celi, CISSP, GISP, MSCS, MBA
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionBitglass
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdfSitamarhi Institute of Technology
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsSitamarhi Institute of Technology
 
chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information SystemsKashfUlHuda1
 
Hiding in Plain Sight: The Danger of Known Vulnerabilities
Hiding in Plain Sight: The Danger of Known VulnerabilitiesHiding in Plain Sight: The Danger of Known Vulnerabilities
Hiding in Plain Sight: The Danger of Known VulnerabilitiesImperva
 
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...Jasmin Hami
 
How to Build and Validate Ransomware Attack Detections (Secure360)
How to Build and Validate Ransomware Attack Detections (Secure360)How to Build and Validate Ransomware Attack Detections (Secure360)
How to Build and Validate Ransomware Attack Detections (Secure360)Scott Sutherland
 
Cisco 2014 - Anual Security Report
Cisco 2014 - Anual Security Report Cisco 2014 - Anual Security Report
Cisco 2014 - Anual Security Report Mandar Kharkar
 
Av is dead long live managed endpoint security
Av is dead long live managed endpoint securityAv is dead long live managed endpoint security
Av is dead long live managed endpoint securitySolarwinds N-able
 
A Comparative Study between Vulnerability Assessment and Penetration Testing
A Comparative Study between Vulnerability Assessment and Penetration TestingA Comparative Study between Vulnerability Assessment and Penetration Testing
A Comparative Study between Vulnerability Assessment and Penetration TestingYogeshIJTSRD
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionAlert Logic
 
Gg2511351142
Gg2511351142Gg2511351142
Gg2511351142IJERA Editor
 
Gg2511351142
Gg2511351142Gg2511351142
Gg2511351142IJERA Editor
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Cybersecurity Education and Research Centre
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Zero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeZero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeArnold Antoo
 
R20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptxR20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptxMADARAUCHIHA278827
 
R20BM564.pptx
R20BM564.pptxR20BM564.pptx
R20BM564.pptxMADARAUCHIHA278827
 
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Minded Security
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 

More Related Content

Similar to Zero-day Vulnerabilities

Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionBitglass
 
chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information SystemsKashfUlHuda1
 
Hiding in Plain Sight: The Danger of Known Vulnerabilities
Hiding in Plain Sight: The Danger of Known VulnerabilitiesHiding in Plain Sight: The Danger of Known Vulnerabilities
Hiding in Plain Sight: The Danger of Known VulnerabilitiesImperva
 
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...Jasmin Hami
 
How to Build and Validate Ransomware Attack Detections (Secure360)
How to Build and Validate Ransomware Attack Detections (Secure360)How to Build and Validate Ransomware Attack Detections (Secure360)
How to Build and Validate Ransomware Attack Detections (Secure360)Scott Sutherland
 
Cisco 2014 - Anual Security Report
Cisco 2014 - Anual Security Report Cisco 2014 - Anual Security Report
Cisco 2014 - Anual Security Report Mandar Kharkar
 
Av is dead long live managed endpoint security
Av is dead long live managed endpoint securityAv is dead long live managed endpoint security
Av is dead long live managed endpoint securitySolarwinds N-able
 
A Comparative Study between Vulnerability Assessment and Penetration Testing
A Comparative Study between Vulnerability Assessment and Penetration TestingA Comparative Study between Vulnerability Assessment and Penetration Testing
A Comparative Study between Vulnerability Assessment and Penetration TestingYogeshIJTSRD
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionAlert Logic
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Cybersecurity Education and Research Centre
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Zero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeZero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeArnold Antoo
 
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Minded Security
 

Similar to Zero-day Vulnerabilities (20)

Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
 
chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systems
 
Hiding in Plain Sight: The Danger of Known Vulnerabilities
Hiding in Plain Sight: The Danger of Known VulnerabilitiesHiding in Plain Sight: The Danger of Known Vulnerabilities
Hiding in Plain Sight: The Danger of Known Vulnerabilities
 
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
Stopping threats with Votiro's Advanced Content Disarm and Reconstruction tec...
 
How to Build and Validate Ransomware Attack Detections (Secure360)
How to Build and Validate Ransomware Attack Detections (Secure360)How to Build and Validate Ransomware Attack Detections (Secure360)
How to Build and Validate Ransomware Attack Detections (Secure360)
 
Cisco 2014 - Anual Security Report
Cisco 2014 - Anual Security Report Cisco 2014 - Anual Security Report
Cisco 2014 - Anual Security Report
 
Av is dead long live managed endpoint security
Av is dead long live managed endpoint securityAv is dead long live managed endpoint security
Av is dead long live managed endpoint security
 
A Comparative Study between Vulnerability Assessment and Penetration Testing
A Comparative Study between Vulnerability Assessment and Penetration TestingA Comparative Study between Vulnerability Assessment and Penetration Testing
A Comparative Study between Vulnerability Assessment and Penetration Testing
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
 
Gg2511351142
Gg2511351142Gg2511351142
Gg2511351142
 
Gg2511351142
Gg2511351142Gg2511351142
Gg2511351142
 
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
Data-Driven Assessment of Cyber Risk: Challenges in Assessing and Migrating C...
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Zero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital AgeZero Trust: Redefining Security in the Digital Age
Zero Trust: Redefining Security in the Digital Age
 
R20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptxR20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptx
 
R20BM564.pptx
R20BM564.pptxR20BM564.pptx
R20BM564.pptx
 
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
 

Recently uploaded

Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 

Recently uploaded (20)

Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 

Zero-day Vulnerabilities

  • 1. Zero-day vulnerabilities KIRKUK UNIVERSITY COLLEGE OF COMPUTER SCIENCE & INFORMATION TECHNOLOGY PERPETRATE BY: ALI H. AHMED SUPERVISOR DR. AHMED CHALAK SHAKIR 26 MARCH 2024
  • 2. Outline  What is a Zero-day Vulnerabilities  Reasons for the appearance of zero-day vulnerabilities.  Impacts of zero-day exploits on cybersecurity  Life cycle of a zero day  Practical examples of attacks that took advantage of zero-day vulnerabilities  Recognition and prevention techniques  Conclusion  References 2
  • 3. What is a Zero-day Vulnerabilities? 3 • are security vulnerabilities found in systems and software that have not yet been patched. This means developers don't know it exists, giving attackers the opportunity to exploit it before an update is released to plug it. • Zero-day means "zero day", meaning that there are "zero" days between the discovery of the vulnerability and its exploitation. • Developers do not have any information about this vulnerability, which makes it difficult for users to protect themselves from attacks that exploit it.
  • 4. Reasons for the appearance of zero-day vulnerabilities. 4 zero-day vulnerabilities Errors in design or programming The vulnerability was not discovered by the developers Exploitation of the vulnerability by hackers Not updating software Software complexity
  • 5. Impacts of zero-day exploits on cybersecurity 5 zero-day Data theft Disable systems Access to sensitive infrastructure Undermining trust in digital systems High costs
  • 6. Life cycle of a zero day 6 Discovery Weaponization Exploitation Disclosure Patching User Update Decline
  • 7. Practical examples of attacks that took advantage of zero-day vulnerabilities 7 T Attack Target attack The attack exploited a vulnerability 1 Stuxnet Iranian nuclear facilities in 2010 In Windows to access facility control systems 2 Heartbleed OpenSSL servers in 2014 The attack allowed attackers to steal sensitive data from affected servers 3 WannaCry Windows PCs in 2017 In Windows to spread ransomware 4 SolarWinds Software vendors in 2020 In Orion infrastructure management software to provide attackers with access to customer networks. 5 Log4j Many companies and governments in 2021 In the Log4j scripting library to provide remote access to attackers
  • 8. Recognition and prevention techniques 8 Recognition •Penetration testing •Gap analysis •Network monitoring •Malware analysis tools prevention •Use anti-virus and anti- malware software •Be careful when using the Internet •Update software regularly •Educate users about the dangers of Zero-day vulnerabilities •Develop an incident response plan
  • 9. Conclusion  A good understanding of Zero-Day Vulnerabilities is vital to data security.  Let us encourage more research and awareness in this area.  Together, we can build a safer and more reliable digital environment. 9
  • 10. References  https://www.kaspersky.com/blog/nokoyawa-zero-day-exploit/47788/  https://en.wikipedia.org/wiki/Zero-day_%28computing%29  https://www.techrepublic.com/article/what-is-a-zero-day-vulnerability/  https://chat.openai.com/  https://gemini.google.com  https://www.balbix.com/insights/what-is-a-zero-day-exploit/ 10