2 hours 25 minutes
In the last video, we discussed the USB kill attack. Now, up to this point, we've talked about attacks that are more common, and this video will be discussing the more rare type of USB drop tax called the Zero Day Attack.
Now this attack takes advantage of undiscovered vulnerabilities. As I said before, Ah, zero day vulnerability is basically a vulnerability that on Lee, the attacker knows that the the vendor, the software vendor, the hardware vendor has has no idea. So they have a patch for zero days
now, he's said before stuck that also used several the zero day vulnerabilities
in a lot of cybersecurity experts. We'll say this category is called a zero day driver attack. And, um, they called that because when you plug in a USB device,
there's usually some sort of a driver driver software that needs to be installed for that device to work properly.
And uh, with that software there, there is a possibility that, uh, some malicious code could be attached to that driver software and stuck that did this by by stealing sign driver software to make the
what device to appear legitimate and which was not, um and that required some high level of thievery because signed driver software is in very secure facilities.
now, other cyber security experts don't really include zero day as its own category,
and that's because it's really just
when you look at it, just malicious file and malicious code. And really, the logic kind of goes both ways, so it's kind of can fit into just a malicious code. But you could see it as well, being malicious zero day because there's no patch
when this attack occurs.
So it really the logic goes both ways. So it's really the most ill defined of the USB drop attack categories. So sometimes you'll see some experts not include it. Or sometimes you will see him included or called a zero day Rizzo Day driver attack.