Following the news that new Windows zero-day exploit that’s up for sale on the dark web for $90,000. Carbon Black’s chief security strategist provides below an insight on this news.
Ben Johnson, chief security strategist, Carbon Black:
“Zero-day exploits such as this are particularly problematic, as traditional security solutions like anti-virus rely on blacklisting – they have a set of known threats that they detect, if a file doesn’t appear on their list, they let it through – so if the threat has never been seen before then this system falls down.
“This is why organizations need to stop relying on AV alone to protect their endpoints; a more sophisticated approach is needed. Whitelisting, whereby a threat is assessed against a set of policies and common characteristics to see if there is a likely issue, can help to spot this type of exploit even if it has never appeared before. This should then we combined with broader threat intelligence, where you can see if a particular file has ever been seen before; if it hasn’t, then it is likely to be zero day and hazardous. This allows organizations to get smarter about security and avoid falling into these sort of traps.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…