WEBVTT

00:00:00.400 --> 00:00:07.040
zero-day attack it kind of sounds like the title of the

00:00:04.640 --> 00:00:12.000
next hit action movie but it's actually a special kind of software weakness that

00:00:09.040 --> 00:00:15.360
can end up causing big problems and we'd like to thank our friends at Bitdefender

00:00:13.519 --> 00:00:19.680
for sponsoring today's episode so we could tell you all about them you see

00:00:17.520 --> 00:00:24.240
it's called a zero-day attack because it stems from a vulnerability no one knew

00:00:21.920 --> 00:00:28.480
about until it was actually exploited kind of like the thermal exhaust port on

00:00:26.080 --> 00:00:33.040
the Death Star except Jyn Erso and her dad knew about that one many times other

00:00:31.039 --> 00:00:37.360
types of software bugs are detected by the publisher before they get exploited

00:00:35.600 --> 00:00:42.160
giving developers time to come up with a patch but a zero-day attack is called

00:00:39.920 --> 00:00:45.920
that because the publisher knew about it for

00:00:43.280 --> 00:00:49.039
zero days it's like fortifying the crap out of the front of your house during

00:00:47.200 --> 00:00:54.000
the purge and not realizing there's a basement window that you never used oh

00:00:51.600 --> 00:00:59.520
no so it's not surprising that zero-day attacks tend to be devastating and high

00:00:56.879 --> 00:01:03.600
impact in fact the famous Stuxnet worm that crippled Iran's nuclear weapons

00:01:01.440 --> 00:01:08.479
program back in 2010 was a zero-day attack but how exactly do you defend

00:01:06.479 --> 00:01:12.720
against a security flaw that you don't even know is there one strategy

00:01:10.720 --> 00:01:16.960
developers like to use is finding any potential holes that could open up the

00:01:14.400 --> 00:01:20.640
possibility of a buffer overflow and patching them a buffer overflow is

00:01:18.960 --> 00:01:25.200
simply a vulnerability that would allow one program to write data to another

00:01:22.960 --> 00:01:28.560
program's memory space something that's typically not allowed by modern

00:01:26.880 --> 00:01:32.280
operating systems in order to keep a badly intentioned or misbehaving program

00:01:31.360 --> 00:01:36.479
from crashing other parts of the computer

00:01:34.799 --> 00:01:41.200
it's only allowed to crash specific parts because bad actors often use

00:01:39.040 --> 00:01:45.280
buffer overflows to inject malicious code into a machine preventing them is

00:01:43.439 --> 00:01:50.000
an important way to stop zero-day attacks and this is often accomplished

00:01:47.600 --> 00:01:53.920
through heuristic analysis found in anti-malware products this basically

00:01:52.240 --> 00:01:58.240
means anti-malware will look for suspicious code patterns that might

00:01:55.920 --> 00:02:03.119
exploit attack vectors other zero-day hacks have used so new viruses or

00:02:00.719 --> 00:02:07.439
vulnerabilities can be dealt with before human developers find out about them

00:02:05.520 --> 00:02:11.840
and crush them but obviously these solutions aren't

00:02:09.200 --> 00:02:17.920
perfect so software companies often hire penetration testers and other so-called

00:02:15.040 --> 00:02:22.160
white hats to find bugs in their own programs and report findings before the

00:02:20.160 --> 00:02:26.000
bad guys discover them but there's also quite an active marketplace for zero-day

00:02:24.400 --> 00:02:30.080
attacks you see you don't need to be directly employed by a software

00:02:27.680 --> 00:02:34.560
developer to go find zero-day bugs some companies run bug bounties in which you

00:02:32.319 --> 00:02:37.920
can get paid directly by big name tech firms for finding holes in their

00:02:36.480 --> 00:02:42.239
products and telling their engineers about it rather than you know

00:02:39.920 --> 00:02:47.040
using those vulnerabilities yourself for seedy purposes don't do that however there

00:02:45.200 --> 00:02:51.840
are also other companies that basically serve as marketplaces or brokers for

00:02:49.440 --> 00:02:56.080
zero-day exploits these can end up paying quite a lot we're talking

00:02:53.920 --> 00:03:00.560
thousands or even millions of dollars if you find an exploit valuable enough but

00:02:58.319 --> 00:03:04.560
it may not always be clear who will be getting their hands on your findings it

00:03:02.560 --> 00:03:09.280
does appear though that buyers often end up being government organizations which

00:03:06.800 --> 00:03:13.920
I suppose in this day and age should surprise no one and of course

00:03:11.360 --> 00:03:17.599
there does exist a true black market for these exploits on the dark web where

00:03:16.000 --> 00:03:20.560
they're simply sold to anyone with enough crypto

00:03:21.120 --> 00:03:26.159
sounds like something out of Blade Runner or something in fact part of the

00:03:24.159 --> 00:03:30.560
reason bounties from larger companies or brokers can be so high is to encourage

00:03:28.480 --> 00:03:35.120
folks who uncover weaknesses to just report them please instead of selling

00:03:33.040 --> 00:03:40.239
them to an actual cyber criminal for a smaller payout so it does end up being

00:03:37.840 --> 00:03:44.239
possible to both do some good and earn a heap of cash if you know what you're

00:03:42.159 --> 00:03:49.760
doing someone needs to tell the same thing to my ISP

00:03:47.040 --> 00:03:55.519
I know so funny right speaking of doing good you would do well to check out our

00:03:52.560 --> 00:03:59.920
sponsor Bitdefender Total Security 2020 it was awarded Product of the Year by AV-

00:03:57.519 --> 00:04:04.879
Comparatives Bitdefender has scored high in independent tests and protects over

00:04:02.080 --> 00:04:10.159
500 million systems worldwide today we're featuring Total Security 2020 for

00:04:06.879 --> 00:04:12.879
Windows macOS Android and iOS you get a

00:04:10.159 --> 00:04:17.759
VPN multi-layer ransomware protection great speed performance across all

00:04:15.280 --> 00:04:20.239
platforms unbeatable protection against malware

00:04:20.320 --> 00:04:26.560
it's a no-brainer you can even run Total Security 2020 from your mobile device

00:04:24.720 --> 00:04:30.800
and it's all backed up by Bitdefender's comprehensive 24/7 support so click the

00:04:29.120 --> 00:04:36.479
link in the video description for more information and a special giveaway

00:04:34.560 --> 00:04:39.919
all right that's it for this Techquickie thanks for watching guys like

00:04:38.639 --> 00:04:44.639
dislike live your life but what you should definitely do is check out our other

00:04:43.120 --> 00:04:48.320
videos comment below with video suggestions and don't forget to

00:04:46.479 --> 00:04:53.720
subscribe and follow I think you forgot to do that next last time don't forget

00:04:50.479 --> 00:04:53.720
this time
