Welcome to #WeekendWisdom number 96. This week we talk about Zero Days.
Where is this coming from?
Over the last two #WeekendWisdoms I talked about needing to do updates for vulnerabilities and when it comes to software vulnerabilities zero days are usually the most critical.
You see when security researchers are analysing various software like Microsoft, Apple and Google products, if they discovery a vulnerability in that software, they will report it to the vendor and give them an opportunity to rectify it and fix it before they make it public. They usually give them a period of months, normally it is usually 3 months.
What are Zero Days?
But in the case of zero days what happens is that a vulnerability is exposed on a day when nobody is aware of it until everybody is suddenly aware of it, including the vendor and including criminal gangs.
These cyber criminal gangs will immediately start looking to try and exploit that zero day vulnerability, while the vendors are rushing to try and fix it, to put out an update to fix that vulnerability.
That can take time. It can take days, it could take weeks to fix it. So it’s kind of a race against time for the cyber criminals to try and crack it and exploit it and for the vendors to fix it and update it.
What should you do?
So if you ever hear me talking about “There’s a zero day vulnerability out there that you need to patch!”, you should be looking to try and patch that as quickly as possible.
So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.