It appears to be in vogue again to talk about the definition of "zero day" so here is my take:
A "0day" is an EXPLOIT of a vulnerability that is generally unknown to the public (I call this "undercover" since somebody must know about it, but the good guys don’t). There is no such thing as a "0day vulnerability" because 0day is about action, not state. More here.
That said, I don’t really expect this to change anything (here’s why), which is why I have moved to definitions for "undercover exploit" and "undercover vulnerability" as long as the extra-complicated but completely clear "in-the-wild exploit against an undercover vulnerability."
And I still like "Null Tag" better than any of the rest.
Australia Waterfowl, Philosophy, and Zero Day Events
What do philosophers pontificating about swans have to do with risk management? Sometimes everything.
Peter Lindstrom asks if Freak Accidents are Black Swans? Good thought provoking question!
Lets consider what a Black Swan isR…
Man, you are a real freaking idiot. You know that?
@not -
ummm, can you enlighten me? (also, any reason you aren’t comfortable insulting me and signing your real name?)
Pete