Blog

Zero Day Exploits: Advanced Cyberattacks

June 24, 2021
Jeff Ahlerich

Zero-day vulnerabilities refer to new vulnerabilities that are typically discovered by an independent researcher or “bug bounty hunter” which are then validated by the original developer of the software. It essentially means that the developer has “zero days” to address the issue. The problem is, that vulnerability may have already been exploited by cybercriminals.

ANATOMY OF A ZERO-DAY ATTACK

Discovering and exploiting a previously unknown vulnerability is the ultimate prize for cybercriminals. To them, it means they are one step ahead of developers. The zero-day attack typically goes down like this:

  1. Identify vulnerabilities: Cybercriminals will either test open-source code and proprietary applications for vulnerabilities or they will purchase information on vulnerabilities that are not yet public.
  2. Create a kit, script, or process. Cybercriminals will then create a kit, script, or process to exploit the newly discovered vulnerability.
  3. Identify vulnerable systems. The next step is to find an entry point into the system using automated scanners, bots, or manual probing.
  4. Plan the attack. The strategy and tactics used in this plan will depend greatly on the type of attack the cybercriminal would like to unleash.
  5. Infiltrate the system and launch the malicious code. The last step is to put the plan and malicious code into action. Unfortunately, it’s not uncommon for all five of these steps to occur well before the software developers have discovered the vulnerability and released a patch.

RECENT EXAMPLES OF ZERO-DAY CYBERATTACKS

Preventing zero-day attacks presents a significant challenge. They often come without warning and can wreak havoc on your system until a patch is released. The best way to improve your security and reduce risk is to stay alert and learn from recent zero-day attacks.

  • Microsoft. In 2020, Microsoft warned users about two separate vulnerabilities. Unfortunately, despite uncovering the vulnerabilities, Microsoft admitted that it was unable to immediately provide a security patch. Instead, these vulnerabilities left a door open for cybercriminals … and they took advantage of that opportunity. “The attacks targeted remote code execution (RCE) vulnerabilities in the Adobe Type Manager (ATM) library … the flaws in ATM enabled attackers to use malicious documents to remotely run scripts.”
  • Internet Explorer. Microsoft’s legacy browser also fell victim to a zero-day scenario. In this case, the vulnerability occurred in Internet Explorer’s v9-11 version as a result of a flaw in the way the scripting engine managed objects in memory. Attackers then used phishing to direct people to websites that intentionally exploited this flaw.
  • Google Chrome. In late 2020, Google Chrome 86 revealed two significant vulnerabilities that were exploited. One vulnerability was described as an inappropriate implementation issue affecting V8 JavaScript. The other is a “use-after-free” bug related to site isolation. Google quickly released security patches to address these flaws, but not without a significant cost.

These are just three recent examples, but they are certainly not the only examples of zero-day vulnerabilities that cybercriminals exploited.

THE BEST WAY TO PROTECT YOUR BUSINESS

No business can protect all its systems and SaaS applications against zero-day attacks, regardless of whether it is Office 365, G Suite, or Salesforce. The attacks are only going to get bigger and bolder, as experts believe the frequency of zero-day attacks will rise to one per day by 2021, as opposed to one per week in 2015.”

The inherent challenge with zero-day vulnerabilities is they are, by all intents and purposes, unknown. The best way to protect yourself and your business is to stay informed about all software and applications within your environment and apply security patches immediately. We strongly recommend subscribing to and closely monitoring a threat intelligence service/feed such as those found here.

Additionally, it’s a good long-term practice to practice safe online security habits, including configuring your security settings for your operating system, browser, and security software, as well as implementing network access controls.

Next-gen antivirus solutions, as well as endpoint detection and response solutions and IP security, can provide an extra layer of protection for your network.

«  Back To All Articles
Next Article
  »
Misconfigurations for Office 365
5 Most Common Attacks That Dodge Your Firewall.
4 Pentest Paradoxes You Must Get Right
Do a Risk Assessment before buying MDR
6 Rules of Engagement for any Penetration Test
Cyber Alliance Program
Your Perimeter is Disappearing
Cybersecurity Acronyms for Retirement Administrators
XDR, MDR, SOAR - Acronyms of Cybersecurity Detection & Response
Test Blog Post 3
Test Blog Post 2
White Paper - XDR for Retirement Systems
The Total Cost of Ransomware - 7 Categories
The Power of Data Continues to Grow
Who Shares Responsibility for Data Security in a Health Crisis?
Identifying Cloud Security Gaps in a Remote Workforce
Mid-year Threatscape Assessment and Review of Significant Cyber Incidents
Front Line Report: 2020 Election Cybersecurity Threats
The Rising Stakes of Compliance: GDPR, CCPA, and Others
Increasing Healthcare Cybersecurity With a Proactive Defense Strategy
5 Ways to Lower Risk and Maintain Privacy in Your Organization
9 Tips for Detecting and Preventing DDoS Attacks
5 Ways to Secure Your Access Control Vulnerabilities
6 Strategies to Prevent SQL Injection Attacks
7 Commonly Neglected Security Tasks: DMARC, DNS Calls, And More
The Impact Of A Cyber Attack On A Nation
History Matters: Cyber Attacks From The 1980S
What Healthcare Organizations Need To Know About Samsam Attacks
Reflecting On 2019: Blockchain, AI, Machine Learning, Cryptojacking, And More
California Consumer Privacy Act (CCPA): What You Need To Know
Why Covid-19 Phishing Criminals Love Machine Learning (Ml)
Malicious Bot Activity Continues To Rise As Employees Work From Home
How Crypto-Agile Is Your Organization?
How Businesses Can Prepare For The Coming Iot Surge
Where To Find Cybersecurity Help: Addressing The Security Expert Shortage
Ransomware: To Pay Or Not To Pay?
How Expensive Is A Data Breach?
Looking Ahead: The Cybersecurity Landscape In 2021
Attack On Solarwinds Infiltrated U.S. Government Networks: What It Means For You
5 Best Practices To Secure Your Remote Workforce
Top 5 Most Dangerous Ransomware Attacks — And How To Protect Your Business
Reduce Data Breach Costs With Artificial Intelligence
5 IoT Trends To Continue Watching In 2021
AI Poisoning: What You Need To Know To Protect Your Business
Zero Day Exploits: Advanced Cyberattacks
Why Users Should Never Auto-Fill Forms: Browser Exploit Overview
Don't Be Fooled By Padlocks And SSL Certificates
5 Ways To Shield Executives From Whaling Attacks
How Artificial Intelligence (AI) Is Helping Cyber-Criminals
Why Breaches Are Becoming More Difficult To Defeat
History Matters: Cyber Attacks From The 1960S
History Matters: Cyber Attacks From The 1970S
History Matters: Cyber Attacks From The 1990s
History Matters: Cyber Attacks From The 2000S
The Rise Of Mobile Malware
Growing Concerns Over Voice Phishing Scams
Stopping The Spread Of 5G Security Vulnerabilities
Why Small Business Is A Big Cyber Crime Target
Feeling The Heat: Geopolitical Cybersecurity Threats
The Role Of Artificial Intelligence In Effective Cyber Attacks
Absolute Zero: Zero Trust And Zero Standing Privileges
Data Security Challenges in the New Era of Remote Work
Why Penetration Testing Has Never Been More Important
5 Ways to Protect Your Business From Phishing Attacks in 2021

join our email list

Security Pursuit logo
LinkedIn iconlinkedintwitter logoTwitter iconFacebook iconFacebook icon
Professional ServicesProduct Solutionsaboutpartnersblogcontact
denver office
2000 Araphahoe Street, Suite 1
Denver, CO 80205
720-675-7668
LinkedIn iconlinkedintwitter logoTwitter iconFacebook iconFacebook icon
san francisco office
2315 Montgomery Street, 10th Floor
San Francisco, CA 94104
415-735-4225
© 2021
Designed by H1 Web Development