What is a zero day attack?

Another way to detect if the exploit is actively used is to set up a honeypot and wait for the threat actors to attack it. The rate of attack will give you the indication of the level of knowledge and spread among the threat actors.

best explanation i found for Zero Day thanks Hussein

it's basically "you're gonna have zero days off until that shit gets fixed"

wow, explanations of confusing stuff in IT can't get any better. thanks a lot!

Very well explained….You made it sound so easy with the example.Thank you!

3:04 surprisingly, for large companies like Microsoft it seems to be more like 90 days.
5:35 their are both good guys and bad guys who after release of a patch try to figure out what the vulnerability might be (if a blog post explaining it doesn't exist or isn't detailed enough), those might release code for an exploit. Which obviously isn't a 0-day, but does mean patching after a vulnerability is still very much advised. Sadly some researcher while looking at it might also find new bugs in the same area and thus a new patch might be released soon after...

It was very helpful. Thank you!

Informative as always, Hussain 👍

I thought zero day vulnerabilities are those bugs/exploits that are planted into software while building it and the bugs/exploits remain there from "day zero", thus zero day.

can you please make a video on encoding, like UTF-8 like that especially related with java.

A vulnerability is a 0-day until to the moment you realize it's been exploited. After finding out that; you have N-days to fix this. Because no one knows how many days it'll take to release a patch for it while everyone knows about the vulnerability itself :)