Threat actors exploit zero-day threats to make an impact before the organizations get a chance to patch them.
Recent zero-day attacks
In recent months, several well-known software products were found containing zero-day vulnerabilities. Further, attackers create exploits for such vulnerabilities to gain access inside the targeted network.
Cybercriminals were seen exploiting a zero-day vulnerability in a WordPress plugin. The vulnerability was actively used by attackers to reset admin account passwords.
A critical escalation-of-privileges zero-day vulnerability (CVE-2020-4006) was found affecting six VMware products including its Workspace One, and others. Within a few days, this vulnerability was found to be abused by attackers.
The cybersecurity agency Homeland Security urged users to update their Google Chrome, after detecting that attackers were using some zero-day vulnerabilities for attacks in the wild.
Other major discoveries
Several critical zero-day vulnerabilities (CVE-2020-25757, CVE-2020-25759, CVE-2020-25758) were disclosed in D-Link routers that could allow root access to the firmware.
Six zero-day vulnerabilities were discovered in Schneider Electric StruxureWare, a management application that could be used by attackers to carry out particular attacks.
In early-December, a now-patched critical iOS bug was discovered that could have allowed complete control to any device.
Several zero-day vulnerabilities were discovered in healthcare records application OpenClinic, which could be exploited to expose patients’ test results.
The cPanel & WebHost Manager (WHM) web hosting platform was found to have a zero-day two-factor authentication bypass flaw, that could affect over 70 Million domains.
Effectively stopping zero-day attacks is a significant challenge for organizations. However, there are several strategies for detecting malicious activity such as statistics, signature, and behavior-based detection, and all of them can be combined together to help you stay protected. In addition, experts recommend having multiple layers of security that could complement each other for robust security against such threats.