Zero-day exploits and what you can do about them

There’s always a gap between the discovery of a software flaw and a patch being released to fix it. A “zero-day exploit” is when the bad guys exploit the flaw before the patch is available, usually before the hardware or software maker even knows the flaw exists. Antivirus, firewalls, web filtering, etc. don’t protect you from them. A recent example was the Exchange zero-day exploit in March 2021. Thousands of organisations were scrambling around when they discovered their Exchange servers had been breached.

With organised crime and nation-state-backed hackers on the attack, organizations need to switch to a mindset that they will eventually be breached in some way. Organizations need to take steps to limit the damage from a breach. It's a bit like sprinklers, fire extinguishers and fire doors in a building. None of them prevents a fire in the first place, but they limit the damage.

Every organization is different, requiring slightly different strategies, but some that will apply to all are:

  1. Software to detect and disable intrusions hopping laterally from one device or system to others (Lateral Movement Detection)
  2. Remove admin rights on devices
  3. Remove admin rights on cloud/web services
  4. Limit access within line of business applications
  5. Structure files/folders and limit access

Engage telanova as your IT team and we will advise you on appropriate security strategies for your organization and implement them.
