msm1267 writes "The use of exploits against zero days, or unpatched vulnerabilities, is nothing new. Attackers have been looking for and using new bugs for as long as there has been software to exploit. What’s changed in recent years is the scale of zero day exploit use and the kind of attackers using them. It used to be mainly individual attackers and some high-end cybercrime groups. But now, zero days are being used by governments, intelligence agencies and state-sponsored attack teams. In the hands of these groups, zero days represent a major threat to the targeted organizations, most of whom can’t keep pace with the patches coming out for known bugs, let alone defend against attacks on zero days.
“There’s no red button you can push to make this go away. This is going to go on and on and on,” Andreas Lindh of I Secure in Sweden said in a talk at Virus Bulletin 2013 here Wednesday. “We need to get our priorities straight. What I’m suggesting is that we get back to basics rather than buying more tools. The tools we have work pretty well when you use them correctly. We actually have really good tools. We need to start focusing on what matters, what really matters.”
Lindh said that the old concept of defense in depth, which has been ridiculed in some corners in recent years, still holds up in most cases if organizations implement their technology correctly and don’t sit back and expect miracles. One key to succeeding more often than not against high-level attackers, he said, is to harden the software we all depend on through the use of technologies such as ASLR and DEP, which prevent many common memory corruption attacks. The number of ways that attackers can get into systems has decreased in the last few years, Lindh said."