c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
How is it a zero day if a patch has been out since November?
It was a 0day back then, I guess, so it (in some unknown magic way) keeps that designation forever, apparently.
Real reason: people want clicks on their slop, so they bait your clicks with nonsense.
Meaningless term nowdays.
The first time I heard it, it meant that it was a vuln present since the launch of that version unknown to the publisher, so meaning on day 0 it was possible to exploit it.
Then, when I was studying for a certification I learned they changed the definition to mean it was the number of days a vendor had to patch that vulnerability, and in some cases after being patched these vulnerabilities would get a name assigned to them.
And now, is more of a clickbait word for articles.
I got hit by what I believe was 0day WinRar vulnerability. Installed a nasty XMR miner that was a massive pain to disable. It took over the whole system and blocked any attempts around removal or even reading relevant articles about the miner.
Was able to get rid of it via safe mode and finding a cleaning tool from rather niche (region-focused) sources.
Was able to get rid of it via safe mode and finding a cleaning tool from rather niche (region-focused) sources.
Is always a Spanish, Portuguese brasileiro or Cyrillic software, I swear.
Motw is a gimmick anyway