clock

A Warning about Zero-Day Vulnerability

A zero-day vulnerability is an exploit hackers are using to gain access to your information. They are in software, operating systems, browsers, and through your gateway to the Internet. A zero-day, also called zero-hour, is a security flaw in the code that cybercriminal can use to access your network. Zero-day means it’s a security flaw that has not been discovered by the programmers and the makers the products. There is no known fix, and by the time hackers attack, the damage is already done, before it can be patched.

In one day, cybercriminals can attack your network and access your information, taking you down before you can stop them.

Texas-based NSS Labs stated that boutique exploit providers like Endgame Systems, Exodus Intelligence, Netragard, ReVuln and VUPEN can sell more than 100 zero-day exploits in a year. Its research director, Stan Frei, commented that the average zero-day exploit could last for 312 days before it is detected. If this is true, these exploit providers probably provide access to at least 85 zero-day exploits on any given day of the year.

Ponemon Institute conducted a study on behalf of HP Enterprise Security reports that cyber crime costs on average $12.7 million for US companies, and it takes about 45 days to resolve a cyber attack.

A lot of zero-day vulnerabilities don't hit the mainstream media. Most companies don't want their customers to know they have been hacked. However, with zero-day vulnerabilities contained in programming code, the growth of cybercriminals accessing this security flaw is on the rise.

Recent Known Zero-Day Vulnerability

  • Sandworm (Microsoft OS kernel vulnerability) attack, targeted SCADA systems used a zero-day vulnerability: Microsoft fixed the error with a patch after the fact. However, while fixing that bug, they also found two other bugs in the code.
  • Adobe Flash Player zero-day exploit: Patches were promptly released for Windows, Mac, and Linux operating systems.
  • Internet Explorer Watering Hole Exploit: A vulnerability targeted IE 10 users visiting a malicious website.
  • Malicious Java script code targeted IE users
  • JavaScript-based PDF vulnerabilities

The largest Zero-day exploit in the last year was Heartbleed, a vulnerability in the OpenSSL cryptographic software library. If you're curious, you can read about SeaCat's interesting encounter with Heartbleed. It seems like we detected it and stopped it from entering our systems.

It's not surprising that today like everyone else, zero-day has gone mobile. Thus, when we designed and built our flagship product, SeaCat Mobile Secure Gateway, we made sure that we addressed this kind of vulnerability.

Implement whitelisting: By using a whitelist, only authorized users can access to your internal resources. SeaCat uses a whitelist to allow access only to permitted mobile application instances.

Restrict access: It's recommended to restrict direct access from the Internet to your internal network by setting up an in-between demilitarized zone (DMZ). You limit access from the Internet to the DMZ, the DMZ to the internal network, and so on. This move can block an attacker’s access to an unpatched vulnerability. SeaCat Gateway sits on your DMZ and acts as a shield, filtering in only authorized mobile clients.

Whitelisting and access restriction are just two small built-in defense mechanisms that come with SeaCat. Of course, SeaCat provides much more. Please check out the full product feature list.

If you're in the mobile enablement business, we love to connect with you. Send us an email at info@teskalabs.com or tweet to us TeskaLabs.

Photo credit: Instant Vantage via Imagecreator




You Might Be Interested in Reading These Articles

We Know Why 85% of Mobile Apps Suck in Security. Do You?

In just the past 12 months, we’ve come across 100 mobile app projects at different phases. We’ve had conversations with more than 300 professionals active in the enterprise mobility space. We asked questions and uncovered the underlying problem that caused the current miserable state of mobile application security. It sucks. The answer doesn’t lie in technology but in us.

Continue reading ...

mobile security

Published on May 19, 2016

The 8th version of the European Certificate Trust List (ECTL) for C-ITS has been released

The Joint Research Centre of the European Commision (EC JRC) released the eight edition of the European Certificate Trust List (ECTL) used in Cooperative Intelligent Transport Systems (C-ITS). L0 ECTL v8 contains five new Root CA certificates and one re-keyed Root CA certificate. Three out of five newly inserted Root Certificates are installations that run on the TeskaLabs SeaCat PKI software for C-ITS.

Continue reading ...

press automotive c-its v2x security

Published on September 16, 2021

How TeskaLabs Helped O2 Improve Customer Satisfaction of eKasa Point-of-Sale (POS), the Most Successful POS Product / Mobile Cash Register on the Czech Market

In 2016 the Czech government introduced a new law that required businesses to report their sales and provide Electronic Evidence of Sales (EET). This law calls for the adoption of a more modern point-of-sale system that enables businesses to meet regulatory requirements set forth under this law. During the next two years, the law will gradually impact more than three hundred thousand companies in the Czech Republic. O2, the largest integrated telecommunications provider in the Czech market, observed that many would need help complying with this law, maintaining data security and demanding excellent customer support.

Continue reading ...

security case-study pos

Published on August 08, 2017