• ZeroCool@feddit.chOP
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      It’s a vulnerability that’s discovered and exploited before it’s known to or addressed by the maker/vendor. So in this case, the North Korean hackers were exploiting an unknown vulnerability in a software package commonly used by security researchers.

      • Yeldarb12@toast.ooo
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Thanks! That’s pretty close to what I thought it was. However it looked like it was being referred to as a specific tactic or program. Thanks for clearing it up!

    • kiku123@feddit.de
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      It’s a computer vulnerability or exploit which has not been discovered before (or at least the software developer wasn’t aware of it).

      0-day comes from the number of days the software developers have been informed of the vulnerability. Normally security researchers will tell a company about an exploit and give them some time to fix it before telling the public.