Here Are The Recent Zero-Day Attacks – 2019 To Give You A Glimpse Of What A Zero-Day Vulnerability Is Capable Of
A zero-day attack exploits a security vulnerability in an application that the user of the software has not yet detected. Until someone identifies the vulnerability, the hacker may be able to exploit it and gain access to all sensitive information in the system.
Developers release patches and security updates only once these vulnerabilities are discovered. So, the question now is, how are zero-day attacks discovered? Unfortunately, most of the time a zero-day is exposed only after the attack has already taken place. However, it may also be discovered by developers or security researchers who continuously monitor the software. Until then, these vulnerabilities remain dormant for weeks, months, or even years, and cybercriminals are constantly trying their best to find any such vulnerabilities before software vendors or security researchers discover them.
Because the hackers find the vulnerability before the software providers do, it is termed a zero-day attack.
Zero-Day Attack Examples
Here are some of the most famous zero-day attack examples of 2019 that were in the news globally:
Attack #1 – Windows Zero-Day Attack – February 2019 (CVE-2019-0797)
In February 2019, Vasiliy Berdnikov and Boris Larin from Kaspersky first reported the presence of this Windows zero-day vulnerability in win32k.sys in Windows OS. When the issue was reported to Microsoft, they quickly released a patch and assigned it the Common Vulnerabilities and Exposures number CVE-2019-0797. The vulnerability was found to have been exploited by threat groups such as SandCat and FruityArmor. The exploit was found only in 64-bit Windows 8 and Windows 10 systems.
Attack #2 – Microsoft Windows OS Attack – June 2019 (CVE-2019-1132)
In June 2019, ESET researchers detected another zero-day attack, this time against the win32k.sys component. The vulnerability was reported immediately to Microsoft, which confirmed a local privilege escalation vulnerability in the component. The Microsoft response center fixed the issue and released a patch in no time. The vulnerability exists only on Windows 7 and earlier operating systems.
Attack #3 – Google Android Smartphone Attack – October 2019 (CVE-2019-2215)
In October 2019, Google's Threat Analysis Group (TAG) detected a vulnerability in several Android kernel versions, including 3.18, 4.14, 4.4, and up to 4.9. Ironically, the flaw was a known vulnerability, and Google thought it had fixed it in 2017, even though a CVE was not assigned to the vulnerability. But the TAG team found the vulnerability still active, and the Israeli NSO Group could have taken advantage of it.
Attack #4 – Google Chrome Browser Attack – October 2019 (CVE-2019-13720)
In October 2019, Google disclosed a zero-day vulnerability in the Google Chrome browser. Chrome users were asked to update their browsers immediately for zero-day protection. The flaw is a use-after-free vulnerability, a class of memory-corruption bug in which a program keeps using memory after it has been freed, and it allowed hackers to execute malicious code. It primarily affects the audio component and PDF features of the Chrome browser.
The above examples only provide a glimpse of the recent zero-day attacks in 2019, and there could be many that went unnoticed, undisclosed, or unreported. They show how adversaries were able to find undiscovered vulnerabilities and were prepared to exploit them. Enterprises around the world are spending vast amounts of money on white-hat hackers (or ethical hackers) to identify severe vulnerabilities, and are investing in zero-day attack prevention tools and solutions to protect their applications, networks, and information systems. Even so, hackers are at times able to identify these vulnerabilities before anyone else does and create havoc in cyberspace. It is, therefore, essential for an organization to get its employees, clients, and contractors to familiarize themselves with the latest zero-day attacks so that they practice the necessary due care and are well prepared in case of an incident.