Yes i thaught that to 😂😂

I actualy automaticly skipped that part. If it was not for you I would never have known XD

This wins

I was about to comment the exact same thing

Came to see if anyone beat me to it. Of course they have. Lol

And of course it also has the fall into several categories of utility; a bug that causes the wrong shade of yellow to appear is (probably) not a zero day

This is a much better explanation than the top comment rn. Better grammar too.

And the name comes from the warez scene (since there was significant overlap in the early to mid 80s), when "0-day warez" meant a game which was cracked on the day it was released. You'd get "-1 day" sometimes due to time zone issues, but 0-day was the gold standard.

Thank you. Hearing the video's definition was a bit of a forehead slapper. A zero-day is an exploit that was discovered being actively exploited in the wild, without the hardware/software manufacturer being aware of it, so there is no fix available at that time. The alternative would be if the manufacturer was made aware before the exploit was found being used in the wild, and likely already has a patch available.

@@DanKaschel - Zero days imply code execution.

cd 66 A single cyber bug can completely shutdown an entire country's airline industry in a matter of seconds.

I'm sure airline and airplane software vulnerabilities are highly sought after actually. Imagine having an airplane botnet.

lmao

If the target is Air Traffic Control, you could stop airlines from getting filing flight plans and no flight plan, no clearance. You could shut down instrument landing systems on a day with bad weather, the airport's operational minima will be increased and if the day is foggy enough, you've shut down the airport

He’s being sarcastic 😂

So you got hired right?

Isn't that obvious?

In some ways, I almost feel like pre-programming something to make them run like, just a bit shit might actually be harder than running in a way that'd simply rip themselves apart. Which of course gets you less dramatic damage, but lets you interfere for MUCH longer before discovery.

Hey if you were spinning at Hz, you'd be all screwed up too...

Yea that's exactly what I was gonna say..

And always have the most up to date software version

@@smnbrgss yeah, tell that to end users and product owners... "I ain't paying you for fixing working things, gimme features NOW!!!11111"...

When I was in high school I rigged the USB autorun like the one at the beginning of the video to inject my own payload instead of the intended one. From that moment on whenever a new USB key was inserted it would: - Transfer all .txt .doc .xls and such document files to a hidden folder in C:\Windows\ - If the Label was a specific label (sort of like a password) it would instead copy all files in this hidden folder onto the USB drive. - Self-replicate to the inserted USB key and make itself part of it's autorun. I used this USB key to then turn in my class assignment to my teacher. I think in like a week I could go around to any computer in the school, plug in my USB key with the right label, wait a few minutes, and a bunch of new documents would be in there, including: - Future Assignments. - Future tests. - Other student's assignments/projects. - Personal documents (that was dicey). - Some people even had text files with their passwords. Sorry I feel like a rambling boomer. The reason why I can disclose this is that it just prescribed so even if they found me out nothing could happen.

@@unixtreme Genius, copying them into a directory where almost no one opens in Explorer, ever, haha

ok

On the back half of my lunch watching this, and I cannot agree more

Solve it by getting chickens and putting potatoes in the ground.

We're actually starting a club now

This video makes it worth taking a break.

literally me rn

Thank you for pointing this out. Its confusing because people describe exploits/vulnerability as zero days in the media but its only describing the effect and not what it actually is. Its like calling a car a zoom. The zoom being the zero day and the car being the exploit.

Another correction, most zero day exploits are not known by the devs. Known zero day exploits are usually quickly fixed by devs when brought to their attention.

Not trying to correct you or anything, but arent zero days vulnerabilities that have been discovered before the software is released?

@@nekko3559 It's a exploit in existing software that is activity being exploited that was not previously known. Sometimes exploits are know or reversed engined from patches and these are not zero days. If a bug is found and disclosed its also not a zero day.

@@johnmackenzie3871 zero days are always not know by the devs by definition. Devs don't always act fast and it's always been a topic in the security world when to publicly disclose exploits to force devs to act so zero days don't happen.

😂😂 saame

Same here

Lol

Too

We’ve all been conditioned

there was an exploit in iPhone image decoding called "FORCEDENTRY" where a genius team of hackers created a whole turing machine to run their own code. its insane how talented people are

@@Neuroburger are you trying to say that software engineers intentionally developed and documented these vulnerabilities to conveniently use in this specific scenario later?

And it shows the tyrannical and evil nature of the US and Israel hypocritically stunting Iran's lawful nuclear programme

Useless virus, useless designers, useless countries

I thought the UK and Israel did it.

@@carlosandleon CIA with collaboration with others in Israel.

@@carlosandleon No one actually knows, but I'd bet money that the DoD had a few hands in it

Ikr, as if the typical basement dwelling hacker would know how an underground uranium centrifuge in Iran works.

GAGAGAGAGAGA!!! I want to cut my toenails... NEVER! I am the feet KZbinr. Thanks for being a fan, dear chr9s

Yeah, the payload, distribution of it and effects should be Infosec and Malware 101 -- it's sublime.

Cyber-terrorism isn't "beautiful", it's a sophisticated virus that was originally intended to damage industrial plants but was then repurposed for nuclear power plants.

Lucky for you - he explains it in the video.

Even more interesting is the history behind the notorious Mirai botnet. Such a powerful tool just so a couple guys could run a protection racket off Minecraft server hosting.

Scary right?

That may be the original porpose

@Nunya Business IoT devices are usually fairly insecure and almost never updated, making them easy targets for hackers. Really not a concern for the average consumer, very few hackers are interested in burning down your kitchen with your smart toaster, but they can be recruited into botnets or used to more widely propagate malicious code.

@@karl0ssus1 How many HIK Vision cameras or home AP's are _still_ on their default settings/password? How many were/are used for ddos over the years?

Forgot "to the internet". "Hooking your toaster to the internet". Even if it's not a concern right now there is nothing saying we won't start seeing serious cyber terrorism. There is very rarely a purpose for remote access to home appliances while the possible bot use or remote terrorism possibilities are endless. There is nothing stopping a foreign power from investing in accessing these devices to launch untraceable attacks on countries they would normally have no hope of fighting conventionally.

Interesting! I take it you're a brandon sanderson fan?

​@@pinkfluffyant6335 nah he's just some guy names Hoid, living his life

Hobby hacker?

@@jakestavinsky3480 they do it as a hobby

@@jakestavinsky3480 Their hobby is hacking and learning about hacking

Not really, a lot of the info in this video is half-true, and he doesn't seem to know what a lot of the terms (such as zero-day and remote execution) mean

@@jakestavinsky3480 They hack Hobby Lobby, an American arts and crafts company, presumably in order to take crayons from your children.

also I am impressed by how well you explained stuxnet. For a guy who is likely not a computer scientist or a security engineer, it was a near perfect presentation. My hat is off to you!

What surprises me at times is how long it really took for those things to happen. I agree that something like stuxnet happening was huge, but first of all because it became public, and people started to think about it, and take some things people in the security industry have been saying for a long time now, a lot more serious. But.. imo, this being possible wasn't news, and shouldn't have been news for decades now.

What nobody talks about is how, probably Israel, killed some of the engineers from the nuclear plant who were trying to clean it up where killed on the streets in the city. And how the security expert from Microsoft had an unfortunate accident before his big talk about Stuxnet at a security conference. Probably that last one was purely an accident and coincidence. But the dead Iranians clearly aren't. It does indicate that working in IT Operations and Security has become a more dangerous job than it used to be. And as XKCD 538 indicates the weakest link at some point might end up being us.

@@autohmaewho was the security expert

@@Bell_plejdo568p the talk: 27C3: Adventures in analyzing Stuxnet (Bruce Dang from Microsoft)

I'm scared, there's this guy who was friends with my friend and told me he was with some hacking group from Belarus, like he started phishing people from 50 accounts, said he knew some kind of 'people' called Sandworm, possibly them

if you think cyber just entered the public consciousness, you must have missed the 80s.

as a bullshit detector professional i call bullshit

@Plentus Have you ever heard of the term cyberpunk? Yes, that is from 1980.

@@КГБКолДжорджКостанца there's a shit ton of hacking groups with their own names think like petty youth gangs that shoplift and pickpocket people or break into cars, the difference between them and a nation state hacking group is identical to the difference of those petty gangbangers and the most powerful cartels

PLC security is a joke and mostly relies on being on an isolated network. That obviously isn’t enough if someone really wants access to your stuff as stuxnet proved. Makes you think twice every time you swap a usb flash drive between a business and process computer.

Yeah, controllogix 5000 don't have any credential requirements (or even an option to set any as far as I've seen), just need the ip and you can mess some thing up badly

@@prestonsiegfried9403 Yeah I'm haven't seen any passwords on AB plcs either. I know siemens have added them now.

@@SteamTech_4468 controllogix can have passwords but they’re use is frowned upon unless it’s a safety program or pharma.

the people who discovered Stuxnet didn’t know what device it was looking for when they were reading the code. i guess a PLC for nuclear centrifuge is pretty obscure hehe. i think they ended up buying one to test for real to make sure they had the right thing

I'm thinking of pursuing cybersecurity too. Is it worth it?

Its how YT shaves profit from the creators.

Any idea why it was taken down?

@@taavitammaru5671 copyright strike

@@taavitammaru5671 nicole perloth doesnt like it when you credit and use her as a source

@@Noobscodee Its possible I dont get how the system works because Ive been banned for 4 years, but the most views usually occur shortly after release.

Dude that podcast rules

Where does one find that podcast?

Stuxnet’s dev artifacts date it to at least 2005. Imagine how potent current-gen cyber weapons are, *17 years* later…

@@dhess34 there's definitely hacks going on right now that are way crazier than Stuxnet, but they're that good we don't know about them yet, because the victim doesn't even know about them 👀

I really like the analysis of Stuxnet called "To kill a centrifuge" by Ralph Langner as it explains lots of technical details about Stuxnet and centrifuges in question. Also the virus portrayed in this video is actually a second less sneaky version of Stuxnet, the first one was much more sneaky and destructive, but much less exciting as it had no 0-days nor any way to spread via local network.

Love to Japan from Russia, our country is not at a great spot, things are becoming restricted, I need to use a VPN to actually see this, who cares though, I condemn the war in Ukraine, idc

isn't it about one o'clock in the morning in Japan? What are you still doing here?

@@florianschneider3982 We are rebels!

@@florianschneider3982 Imagine asking why are they still awake like is that against the law?

@@florianschneider3982 still to early t9 sleep! Lol

Plenty of people listened. There's just not a lot we can do to patch 0-days that, by definition, we don't know about yet

Modern cyber warfare also targets public opinion and psyche.

There's stronger ones with tens of zero days that is almost 100% already on your phone vibing till it finds it's sweet spot. The US makes up the majority of cyber attacks and we aren't shy about it lol

Not just in the vulnerabilities but in the implementation and discretion of the objectives it is the nature of cyber warfare to evolving faster than the nasty little bug eaters. Zero day exploits suck.

Tbh we have always been vulnerable, defenses and attacks develop day by day but one thing for sure is that the results will be the same, the only difference is perspective. A virus infecting 100mil devices decades ago would not be any different from a virus infecting 1bil devices today, its the same results, someone's property will get damaged.

Bien

...Squarespace, Cloudflare, Nord or Express VPN...

As a counterexample, the Shellshock bug had existed since 1989 and wasn't identified until 2014. It is certainly conceivable that, even in the absence of conspiracy theories about government/corporate partnerships, a devastating bug could go unnoticed for decades.

@@ShimmeringSpectrum true, though that bug was exploited primarily cause the patch sucked and people weren't updating their unix servers. I guess the point I'm making is banking for a long time on no one discovering the discovery that you bought and hired a team of people to implement maliciously sounds like a stupid idea. It's like finding a $100 bill on a crowded street. You better hope no one else saw it. But as I said, I concede that sometimes exploits exist for literal decades, so a fair example for sure.

Israel is so badass ngl

@@TheAssassin74 they are making bank selling to both sides

wow you must've been really smart to repeat these basic facts, what a useful comment.

@@TheAssassin74 I was strolling through Beer Sheba when an air raid took place, the sky opened up, a rocket barreling towards the Earth, yet a thousand more attacked it like a swarm of ants. Israel is infact, very cool.

They aren't inherently dangerous. They are either dangerous or completely harmless. It just refers to any undisclosed security exploit, bug or issue.

Makes sense, kinda like the motivation behind the use of the atomic bombs.

@@Calvin_Coolage a fitting metaphor, seeing as the US opened the floodgates to a new scary dimension of warfare, much like Hiroshima

@@LOLquendoTV At least nukes have MAD. If you get cyberattacked, assume it's the US or Russia or whatever, and launch a counterattack, then you just look like an asshole because the origins of these attacks are fairly difficult to prove.

Not really. Spies can keep doing the same thing if they never get caught.

Trust me, Iran will hold a millitary parade with soldiers holding laptops (made in the US) or some USB drives.

Omg same 😭😭😭😭😭

I doubt most security monitoring would detect or prevent a RCE 0day.

How big are is 1MB of codes, Any idea how many lines, Are viruses usually in KB?

Yeah, so it’s undetectable. But they fill it with loads of padding so you can’t scan for viruses.

@@xMaFiaKinGz A few things to note here: it really depends on whether we are talking about the average size of graphical (point-and-click) programs versus the size of console programs, like Stuxnet. Graphical programs tend to be much larger than console programs, often several megabytes in size versus several (kilo)bytes for most console programs. For example, *bf1.exe* (the Battlefield 1 game executable) sits at about 13MB in size, depending on the specific version you have installed. This is all just code, so you can imagine how densely packed the information is inside a compiled binary such as this. To give you a similar perspective on the console program side of things, *cl.exe* (the Microsoft Visual C++ compiler executable) is a few hundred _kilobytes_ in size. This is an incredibly complex program designed to perform a very complex and open-ended task, but it's much smaller than *bf1.exe* because its scope is much narrower and it doesn't have to display anything graphical. So to have a virus (usually a single-purpose console program designed to do little more than spread and replicate itself, often kilobytes or even mere _bytes_ in size) take up >1MB of space with just code is very unusual and unprecedented. Stuxnet, as a non-graphical program meant to run in the background, had to have been _enormously_ complex to be that heavy.

A zero-day is literally just an undiscovered exploit in software corrrect?

@@Calvin_Coolage yup. one defenders have had no time to set up defenses for when it's used.

Yeah, 0-day-exploit = the manufacturer has had 0 days to look at the exploit, therefore hasn't been able to fix it.

They are 0-click exploits

Dude! What's up? Funny I run into you in a comments section again; I tend to peruse the comments on pertinent subjects to get a feel for general perspective. So you've figured out SA's definitely got a problem with some psycho hackers. These weirdos are capable of some downright insane sh!t. I've been looking into a lot of bizarre hacking incidents and an overwhelming number of cases are cited in SA and the surrounding areas. It looks like there is some possible connection to the psychiatric community/industry...I mean you can actually hear voices in the environment, no bullshit. I'll stop there cause im just painting myself crazy at this point. Hope you're faring better now, this sh!t is no joke. Holler back!

If only he’d learnt how pronounce Iran correctly….😅😂

@@amiriteLMAO why are you subscribing to an obvious bot 😂

White hats are not nearly as common as you might notice, because of a combination of things, but here's something pertinent: When a bug gets reported, it usually comes after the reporter has abused it for a while and got bored or feels bad about it. So most of the time, reporting bugs can get you extreme suspicion and or bans/punishment. This alone demotivates a majority of regular (ie. non corporate employed) white hats. But other than this, generally, cybersecurity firms are hired in the process of creating new infrastructure. The problem is software devs LOVE to reuse old shit, so basically unless you're making a whole new internet, bugs from a billion other places will be incorporated. The internet is a lot like building a house and your house building tech only gets better the further in you've gotten. By the time you're installing solar panels, people are starting to realize the foundation is made of packed dirt.

@@saintjezebel unfortunately it makes a lot of sense. :/

i want to know, at the moment, i'm scared, a friend of a friend i know has been hanging out with this man part of a Cyberunit known for phishing, hacking, vulnerable information, possibly Sandworm

Source?

@@navyseal1689 the same as this video: the Wikipedia article on Stuxnet. The article has a table listing affected countries, and "Share of infected computers" for each country. The creator of this video misinterpreted this as "amount of computers infected from the total amount of computers in that country", when in actuality, the table lists "amount of computers in that country from the total amount of known infected computers".

@@巫女みこメガネ ok, you have excellent English my guy

From my (admittedly incredibly distant) perspective it looks like disinformation is the most visible weapon currently in use lately. On one hand that's a minor relief on the network side, but on the other it's really annoying seeing less discriminating contacts willfully spread easily-disproven nonsense. That's a whole can other can of worms though, and neither this video nor this comment are part of that problem.

There is a titanically large cyber war going on its just most people aren't involved.

the book is really good. it’s possible to follow even if you don’t know much about the subject. it does a great job of going into detail without getting complex technically.

... or cyber weapons will be carefully saved as the last resort... The "f¥¢k everything" move. Can't keep them locked up too long however because they can be rendered useless by a patch or unrelated update in the meantime. So, yes, doing duty as intelligence collectors while they wait is a likely use of their capabilities.

I'm surprised he barely touched on it considering that the Shadow Brokers were an independent group who infiltrated the 'best' agency and not only leaked their tools but all the exploits they had paid millions for, in the days of utmost secrecy and govt v govt cyberwarfare

This. 👍

I don't know the mechanism, but my university suffered a devastating cyber attack. All the systems shut down, and more than a month later, some of them are still down.

The problem is not that they are not willing to upgrade but rather that Software Companies are either to lazy or that the Software that they build are from the 80is or 90is. Everyone who has a little unterstanding how OS works knows what works on a Win10 does not mean it is going to work on older Versions. A good solution would be to switch those Softwares on Linux but I guess the American Lobby would have a small problem with that and on the other hand to convert the whole Software on a different Kernel and Operation System would take ages.

More accurately it's "any vulnerability which is unknown to the developers" - the idea being that once the vulnerability is known, its value starts to diminish over time ('n'-day vulnerabilities). A 1-day vulnerability might still be missing an official patch, widely unknown, and as such invaluable in the right hands. A 7-day vulnerability's probably patched, worthless vs. security-conscious targets, but valuable for other uses. Depending on the software in question there could be a vast quantity of old installations runninng. A 500-day vulnerability is pretty much worthless. (Well... I say that, but if I recall correctly the ransomware attacks that devastated some public health systems a few years back were using ancient exploits... the hackers had made it on the cheap, and were just kinda shotgunning it around hoping to hit something. Turned out a bunch of hospitals still had their entire networks running Windows XP hahaha)

Harm on nation - Yes In safe way - Yes Not like operation orchid where they bomb shit out of not fueled reactors

What’s wrong with Stuxnet? An Iranian nuclear state is an absolutely nightmarish scenario.

@@jonathanpfeffer3716 israel and US are not better then iran

Do you think a Uranium enrichment plant is well-meaning?

@@monkeyboy600 yes, most nuclear power plants run on enriched uranium.

You're getting warm. Neither the US nor Israel had any way of getting into Natanz, and with it being an air-gapped facility that would be the only way for the worm to actually enter the computer network. They probably asked around among their allies, and arrived at the AIVD (Dutch civilian intelligence agency), who had a mole in Natanz that Iran employed to work on some of the PLC related system. He ended up smuggling the worm in and deployed it on Natanz's network. Coincidentally he ended up dying in a very weird motorcycle accident in the Middle East some years later....

How about the WannaCry cyber attack? Affected the entire world and was reportedly a massive cash grab operation by North Korea. Even Russia's government had their files hacked and encrypted.

Its still fairly active, every one of these "Anonymous" claimed hacks during the Russia-Ukraine crisis are most certainly US state sponsored.

You only get the impression that it's "less active" because the media doesn't talk about it. In reality China, Russia, Iran and many other countries have accused the US of cyber attacks countless times already. We've been seeing it recently with US state-hackers going after Russian IT infrastructure and the mainstream media attributing the attacks to "Anonymous" as a coverup, even though there's no "Anonymous" group in existence.

It's not less active, they just get caught less. American intelligence is very good, we only hear about their screw ups in the news, however we don't hear about their many successful operations. The war in Ukraine has proven that, the US knew when the Russians would invade, they have provided intelligence and cyber warfare capabilities to Ukraine and have been invaluable in halting Russia.

I can tell, most of cyber warfare national operation are outsourced.

Hmm, I /wonder/ who could be behind this

If it's in a tactical situation, they likely use a script prepared beforehand that tells their worm to execute its payload.

@@user2C47 but they have to access the system in order to even get the worm inside.

...because it's a movie

The major intelligence agencies are the biggest benefactors of this disaster. They will sooner see the world bun than see some private email they cannot decrypt.