Zero-day event response

When a serious new cyber weakness is discovered, the right questions become critical. Are you affected? What does this mean for your organisation? What should you do next?

KYND, a cyber risk analytics specialist, helps answer those questions by determining whether your organisation is exposed and providing clear, practical guidance on what to do next.

First thing first. What is a zero-day vulnerability?

A zero-day vulnerability is a newly discovered flaw in widely used software or technology. Because it is new, there may be no fix available yet (‘zero-day’ refers to the number of days a software developer has known about a newly discovered vulnerability – zero). Cybercriminals often move quickly to exploit these weaknesses, meaning organisations can be exposed before they even realise a problem exists.

Not every newly reported flaw becomes a real-world threat. The challenge is knowing which vulnerabilities are actively exploited and require immediate attention.

Examples of actively exploited zero-day vulnerabilities affecting enterprise software include the critical flaw in Ivanti Connect Secure appliances, the zero-day in Progress MOVEit Transfer widely abused in large-scale data theft campaigns, and the PAN-OS firewall zero-day impacting Palo Alto Networks devices used across corporate environments. These incidents show how vulnerabilities in widely deployed business systems can be weaponised quickly, often within days of disclosure.