Time
2 hours 25 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:00
In the last video, we discussed the USB kill attack. Now, up to this point, we've talked about attacks that are more common, and this video will be discussing the more rare type of USB drop tax called the Zero Day Attack.
00:12
Now this attack takes advantage of undiscovered vulnerabilities. As I said before, Ah, zero day vulnerability is basically a vulnerability that on Lee, the attacker knows that the the vendor, the software vendor, the hardware vendor has has no idea. So they have a patch for zero days
00:31
now, he's said before stuck that also used several the zero day vulnerabilities
00:37
in a lot of cybersecurity experts. We'll say this category is called a zero day driver attack. And, um, they called that because when you plug in a USB device,
00:51
there's usually some sort of a driver driver software that needs to be installed for that device to work properly.
00:58
And uh, with that software there, there is a possibility that, uh, some malicious code could be attached to that driver software and stuck that did this by by stealing sign driver software to make the
01:17
what device to appear legitimate and which was not, um and that required some high level of thievery because signed driver software is in very secure facilities.
01:32
Um,
01:33
now, other cyber security experts don't really include zero day as its own category,
01:41
and that's because it's really just
01:44
when you look at it, just malicious file and malicious code. And really, the logic kind of goes both ways, so it's kind of can fit into just a malicious code. But you could see it as well, being malicious zero day because there's no patch
02:02
when this attack occurs.
02:05
So it really the logic goes both ways. So it's really the most ill defined of the USB drop attack categories. So sometimes you'll see some experts not include it. Or sometimes you will see him included or called a zero day Rizzo Day driver attack.

Up Next

USB Drop Attack

Malicious devices are everywhere these days, whether you can see them or not.

Instructed By

Instructor Profile Image
Shawn Briere
Information Security Analyst
Instructor