The Known Unknowns in Cyber Security


.

The Known Unknowns in Cyber Security

Authors
Stefan Frei


Summary
Recently, there has been increased interest in the way in which security vulnerability information is managed and traded. Vulnerabilities that are known only to privileged closed groups, such as cyber criminals, brokers, and governments, pose a real and present risk to all who use the affected software. With the use of empirical data, NSS has determined that on any given day over the past three years, privileged groups have had access to at least 58 vulnerabilities targeting Microsoft, Apple, Oracle, or Adobe. With specialized companies offering zero-day vulnerabilities for subscription fees that are well within the budget of a determined attacker, and with half a dozen boutique exploit providers jointly having the capacity to offer more than 100 exploits per year, privileged groups have the ability to compromise all vulnerable systems without the public ever being aware of the threats. Read on to learn more about the "known unknowns."


Published
December 5, 2013


Downloads

  1. The_Known_Unknowns_(2013).pdf
  2. Slides: Area41 Talk, Zurich, 2014
  3. Slides: Internet Security Days, eco Kongress, Köln, 2014

Exteral Links

About

HOME | TOOLS | BUG BOUNTY | TOP 10 | PUBLICATIONS IP Address: 54.158.253.134
Date Time: 2017-08-22 12:54:24
Recent Papers
Recent Press Coverage
© 2000-2017 Stefan Frei
techzoom.net