Tiêu đề Chapter02.pdf ✅

Chapter02: Cyberattacks, Cybersecurity, and Cyber Law By: Diwakar Upadhyaya
• A zero-day exploit is a cyberattack that takes place before the security community and/or software developers become aware of and fix a security vulnerability. • It takes advantage of security flaws that enable unauthorized users to gain access to a computer system or to download sensitive user data. • Until a zero-day exploit is discovered and a patch is written to fix the underlying flaw, users of the software are vulnerable to attack. Zero-day exploits have been found in widely used software such as Acrobat Reader, Adobe Flash Player, Apple iOS, Google Chrome, Java, Microsoft Internet Explorer, and Microsoft Windows
• While one would hope that the discoverer of a zero-day vulnerability would immediately inform the original software manufacturer so that a fix can be created for the problem, unfortunately this is often not the case. • In some cases, this knowledge is sold on the black market to hackers, cyberterrorists, governments, or large organizations that may then use it to launch their own cyberattacks. • Information about one zero-day vulnerability in Apple’s iOS was reportedly sold for $500,000.
Threat Landscape • The security of data and information systems used in business is of utmost importance. • Confidential business data and private customer and employee information must be safeguarded, and systems must be protected against malicious acts of theft or disruption. • Although the need for security is obvious, it must often be balanced against other business needs.