
Exploring Zero Day Exploits: An Overview of Recent Incidents


April 18, 2023 / By Securium Solutions

Zero-day vulnerabilities are a serious threat to modern computer systems and networks. They are security vulnerabilities that are not yet known to the software vendor or to security experts, which means attackers can exploit them before they are discovered and patched, potentially causing significant harm to individuals, organizations, and even governments.

What Is a Zero-Day Vulnerability?

A software or hardware flaw that is not yet known to the manufacturer or program developer is called a zero-day vulnerability. Because the flaw is unknown, no patch or fix is available to stop attackers from exploiting it. As a result, attackers can leverage zero-day vulnerabilities to access personal information, install malware, or launch other types of attacks, which makes them extremely dangerous and valuable.

Zero-day vulnerabilities are often discovered by attackers who are looking for new ways to exploit software or hardware. Once a zero-day vulnerability is discovered, attackers may sell it on the dark web to other attackers, who can use it to launch attacks. Alternatively, attackers may keep the vulnerability secret and use it to target specific organizations or individuals.

Why Are Zero-Day Exploits Dangerous?

Zero-day vulnerabilities are dangerous because they can be leveraged to get around security safeguards and reach sensitive data or systems. Attackers can exploit these flaws to install malware, steal information, or carry out other attacks. Because zero-day vulnerabilities are unknown to software makers and security professionals, there is no patch or fix available to stop such attacks.

Zero-day vulnerabilities are also very challenging to find. Attackers may employ complex strategies to exploit them, such as code obfuscation or encryption, to evade detection by security software. As a result, attacks can continue to take advantage of a vulnerability for extended periods without being detected.

Recent zero-day exploits:

Windows zero-day vulnerability exploited in ransomware attacks

  • Microsoft has patched a zero-day vulnerability in the Windows Common Log File System (CLFS), actively exploited by cybercriminals to escalate privileges and deploy Nokoyawa ransomware payloads.

In light of its ongoing exploitation, CISA also added the CVE-2023-28252 Windows zero-day to its catalog of Known Exploited Vulnerabilities today, ordering Federal Civilian Executive Branch (FCEB) agencies to secure their systems against it by May 2nd.

Apple fixes recently disclosed zero-days on older iPhones and iPads

  • The first (tracked as CVE-2023-28206) is an out-of-bounds write weakness in IOSurfaceAccelerator that enables threat actors to execute arbitrary code with kernel privileges on targeted devices via maliciously crafted apps.

Today, Apple addressed the exploited zero-days in iOS 15.7.5 and iPadOS 15.7.5, macOS Monterey 12.6.5, and macOS Big Sur 11.7.6 by improving input validation and memory management.

General Bytes Bitcoin ATMs hacked using zero-day, $1.5M stolen

  • Leading Bitcoin ATM maker General Bytes disclosed that hackers stole cryptocurrency from the company and its customers using a zero-day vulnerability in its BATM management platform.

General Bytes makes Bitcoin ATMs that allow people to purchase or sell over 40 cryptocurrencies. Customers can deploy their ATMs using standalone management servers or the General Bytes cloud service.

Google Chrome zero-day vulnerabilities

Google has released Chrome 108.0.5359.94/.95 for Windows, Mac, and Linux users to address a single high-severity security flaw, the ninth Chrome zero-day exploited in the wild patched since the start of the year.

“Google is aware of reports that an exploit for CVE-2022-4262 exists in the wild,” the search giant said in a security advisory published on Friday.

How can organizations protect themselves from zero-day vulnerabilities?

1. Keep software up to date: Although zero-day vulnerabilities are by definition unknown to software vendors, vendors regularly release patches and updates for known vulnerabilities. Keeping software up to date helps protect against those known vulnerabilities.

2. Use anti-virus and anti-malware software: Although these tools may not detect a zero-day vulnerability itself, they can detect known malware and other types of attacks.

3. Limit access to sensitive data: By limiting access to sensitive data, organizations can reduce the risk of data breaches if a zero-day vulnerability is exploited.

4. Use intrusion detection and prevention systems: These systems can help to detect and block attacks that exploit zero-day vulnerabilities.

5. Conduct regular security assessments: Regular security assessments can help organizations to identify vulnerabilities before attackers can exploit them.
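As an added example (not code from this post or from Securium Solutions), the following Python script turns step 1 and the incident section above into a check that can be run against a host inventory. It compares installed versions against the fix versions the post names (Chrome 108.0.5359.94, iOS and iPadOS 15.7.5, macOS Monterey 12.6.5, macOS Big Sur 11.7.6) and reports how far a host is past the CISA KEV due date for CVE-2023-28252. The inventory format, the product keys, and the FixedVersion and Finding structures are assumptions made for the example; the year of the KEV due date is inferred from the post's publication date, and the sample inventory at the bottom is constructed, not real data.

```python
"""Patch-compliance check for the fixes named in this post.

Added example, not Securium Solutions' code. Fix versions and the KEV
due date come from the post; the inventory layout, product keys and the
FixedVersion/Finding structures are assumptions made for the example.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Tuple, Union


@dataclass(frozen=True)
class FixedVersion:
    cve: str
    product: str                  # inventory key (naming is an assumption)
    fixed_in: str                 # first version carrying the fix, per the post
    same_major_only: bool = False  # Apple ships one fix per OS line


# Fix versions as stated in the post.
FIXED_VERSIONS: List[FixedVersion] = [
    FixedVersion("CVE-2022-4262", "chrome", "108.0.5359.94"),
    FixedVersion("CVE-2023-28206", "ios", "15.7.5", True),
    FixedVersion("CVE-2023-28206", "ipados", "15.7.5", True),
    FixedVersion("CVE-2023-28206", "macos", "12.6.5", True),   # Monterey line
    FixedVersion("CVE-2023-28206", "macos", "11.7.6", True),   # Big Sur line
]

# CISA KEV due date from the post; the year is inferred from the post date.
KEV_DUE_DATES: Dict[str, date] = {"CVE-2023-28252": date(2023, 5, 2)}


def parse_version(text: str) -> Tuple[int, ...]:
    """'108.0.5359.94' -> (108, 0, 5359, 94).

    Each dot-separated piece is read up to its first non-digit, so a
    build tag such as '15.7.5b' still compares by its numeric prefix."""
    parts = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_below(installed: str, fixed: str) -> bool:
    """True when `installed` is older than `fixed`.

    Shorter versions are right-padded with zeros, so '15.7' < '15.7.5'
    and '12.6.5.0' is not below '12.6.5'."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


@dataclass(frozen=True)
class Finding:
    product: str
    cve: str
    installed: str
    fixed_in: str


def missing_fixes(inventory: Dict[str, str]) -> List[Finding]:
    """Compare an inventory {product: installed_version} with FIXED_VERSIONS.

    For products flagged same_major_only, only the fix for the installed
    OS line is considered: macOS 12.6.4 is checked against 12.6.5 and not
    against the Big Sur fix 11.7.6. A line the post does not name (for
    example macOS 13) produces no finding."""
    findings = []
    for fix in FIXED_VERSIONS:
        installed = inventory.get(fix.product)
        if installed is None:
            continue
        if fix.same_major_only and parse_version(installed)[:1] != parse_version(fix.fixed_in)[:1]:
            continue
        if is_below(installed, fix.fixed_in):
            findings.append(Finding(fix.product, fix.cve, installed, fix.fixed_in))
    return findings


def kev_days_overdue(cve: str, today: Union[date, str]) -> Optional[int]:
    """Days past the CISA KEV due date (negative while still inside the
    remediation window); None when the CVE is not in the KEV table above.
    `today` may be a date or an ISO 8601 string such as '2023-05-09'."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    due = KEV_DUE_DATES.get(cve)
    if due is None:
        return None
    return (today - due).days


if __name__ == "__main__":
    # Constructed inventory for one host; not real data.
    sample_inventory = {
        "chrome": "108.0.5359.71",
        "ios": "15.7.5",
        "ipados": "15.7.3",
        "macos": "12.6.4",
    }
    for f in missing_fixes(sample_inventory):
        print(f"{f.product}: {f.installed} < {f.fixed_in} (missing fix for {f.cve})")
    print("CVE-2023-28252 days past KEV due date on 2023-05-09:",
          kev_days_overdue("CVE-2023-28252", "2023-05-09"))
```

Versions are compared as tuples of integers rather than as strings; a plain string comparison would rank "15.7.10" below "15.7.9" and report a patched host as vulnerable. The per-line rule for Apple products matters because a Monterey host must never be judged against the Big Sur fix version, and a host on a line the post does not mention is left unreported rather than guessed at.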

Conclusion:

Zero-day vulnerabilities are a serious threat to organisations and individuals. Although it is hard to protect totally against these kinds of vulnerabilities, there are steps that lessen the risk. Organisations can reduce their chance of falling prey to zero-day attacks by updating software, using anti-virus and anti-malware software, limiting access to sensitive data, utilising intrusion detection and prevention systems, and doing routine security assessments.

 Author

Abdul Mannan

Cyber Security Intern

