Some of it, to be fair, is through word of mouth. With tech being such a broad field and vulnerabilities being discovered left and right, us tech professionals need as much help compiling all of that information into digestible chunks, which is why some of us listen to security podcasts or read The Register daily. Hackers have that same level of information – it really comes down to whether or not we can protect against it. Some risks we have to accept in order to keep the business going, and not everyone is up to date on the latest and greatest patches – there’s a number of data acquisitions that go back to bad patch management. Doesn’t take a genius to be informed and to keep that information in their back pocket for later.

As one who has subbed to this group merely out of curiosity, I think this is a great question. Aside from trying out commonly known weaknesses, how do they find zero day exploits in new releases of operating systems and programs?

As with most other achievements: loads of experience, a lot of hard work and a bit of luck. Did you have anything specific in mind?

It all boils down to understanding how a system works very deeply. And then a dash of creativity to find a weakpoint in that.

Do you have a specific exploit in mind?