Zero-day vulnerabilities are among the most preferred attack techniques of threat actors these days. They are actively abused to accomplish goals ranging from espionage, initial access and data theft to malware delivery.
Recently, a Zero-day vulnerability that can corrupt an NTFS-formatted hard drive with a one-line command was discovered in Windows 10.
Present-Day Attacks
Several attackers have been targeting their victims through zero-day attacks.
- By abusing a zero-day vulnerability in Easy WP SMTP 1.4.2, some hackers recently reset the passwords of admin accounts on WordPress sites.
- The iMessage feature of iPhones was also exploited by using Pegasus Spyware.
It has also been observed that, for monetary gain, cybercriminals sell zero-day vulnerabilities on the dark web, where they are offered as access-as-a-service for the deployment of ransomware or other malware, or for building a botnet.
Recent Zero-Day Vulnerabilities
In the last two months, products from several well-known software and hardware vendors have been hit by zero-day vulnerabilities. Most of the affected products belonged to Microsoft, WordPress, Apple, Hewlett Packard Enterprise, and D-Link.
- Not long ago, a zero-day local privilege escalation vulnerability was discovered in the Windows PsExec management tool.
- A few weeks ago, a patched zero-day security vulnerability was disclosed by the Project Zero team of Google.
- Last month, HPE's Systems Insight Manager (SIM) software for Windows and Linux was reported to have a zero-day vulnerability (CVE-2020-7200).
- A number of D-Link VPN routers were also found to have zero-day vulnerabilities.
A zero-day attack abuses a vulnerability that is not yet publicly known, so organizations have no signature or patch to rely on and detecting the attack is difficult. Consequently, our internal experts suggest deploying a reliable web application firewall, always updating and patching software, running only essential applications, and building a multi-layered security architecture to protect the enterprise environment.
To read more, please check eScan Blog