Zero-day Threats Zeroing-in Again

Exploiting zero-day vulnerabilities is one of the attack techniques preferred by several attackers, and such attacks are increasing again. Threat actors are actively abusing new zero-day vulnerabilities to accomplish goals such as espionage, gaining access, data theft, or malware delivery. Recently, a zero-day vulnerability was discovered in Windows 10 that can corrupt an NTFS-formatted hard drive with a one-line command.

Recent zero-day attacks

Several attackers have been observed targeting their victims via zero-day attacks.
  • A few days ago, some hackers reset passwords for admin accounts on WordPress sites by abusing a zero-day vulnerability in Easy WP SMTP 1.4.2.
  • Additionally, the Pegasus spyware was used to exploit a zero-day in the iMessage feature of iPhones.

Zero-day for access-as-a-service

Cybercriminals have been observed selling zero-day vulnerabilities on the dark web for money. These vulnerabilities are then used for access-as-a-service, for deploying ransomware or malware, or for creating a botnet.

Recent zero-day vulnerabilities

In the past two months, products from several well-known software and hardware vendors have been found to be impacted by zero-day vulnerabilities. Most of these products belonged to Microsoft, WordPress, Apple, Hewlett Packard Enterprise, and D-Link.

Conclusion

Zero-day attacks usually abuse publicly unknown vulnerabilities, making it harder for organizations to detect them. Thus, experts suggest that organizations deploy a reliable web application firewall, always update and patch software, use only essential applications, and adopt a multi-layered security architecture to protect their enterprise environment.

Cyware Publisher
