Recent Zero-Day Attacks: Top Examples and How To Prevent It.

Recent Zero-Day attacks

Attack On Microsoft Windows, June 2019

The attack on Microsoft Windows that has targeted Eastern Europe was identified by a group of researchers from ESET in June 2019. The attack was regarding the local escalation privileges that were a vulnerable part of Microsoft Windows.

Since releasing a patch is the only option in such scenarios, once the threat was identified, the security center from Microsoft took the responsibility of rectifying it.

It can also be assumed similar to a phishing attack where the hackers attack people that are vulnerable to fall for scam emails as well as messages. Microsoft inadvertently left one point in favor of the attackers, and the attackers took advantage of the same.

The attack started via malware, which is also a type of phishing attack.

CVE-2019-0797

Another Zero-Day attack example is the one that infiltrated Microsoft Windows in Feb 2019 by (AEP) Automatic Exploit Prevention. It happened before the June 2019 exploit mentioned above. It was the fourth time that the vulnerability of win32k.sys was exploited, after which it was again attempted in June of the same year.

With the help of advanced technologies such as AEP for end-point products as well as BDE (Behavioral detection engine), the discovery of the attack was possible.

To identify if this was also a phishing attempt, technology such as an anti-malware engine was also used.

A patch was released immediately following the same; however, even after fixing it, the attack was attempted again.

CVE-2019-2215

This attack affected the android devices from Google due to the vulnerability known as Kernel privilege escalation. The TAG team from Google was the first to identify the same. It occurred via malicious apps that the hackers were using, who then sent out emails about downloading the same in the form of phishing.

Google will be releasing a patch this November to resolve the issue.

The DNC Hack

It was one of the most popular Zero-Day attacks. The data released about DNC or the Democratic National Committee was due to the recent Zero-Day attacks-2019. There have been about six zero-day exploited vulnerabilities, which are included in the zero-day vulnerability list – 2019, for gaining access to the stolen data. The state backed these discovered vulnerabilities by Russian hackers in Adobe Flash, Microsoft Windows, and Java. To operate on the vulnerabilities, the hackers got involved in a campaign of spear-phishing.

Unlike the phishing campaign, this spear-phishing campaign targeted specific individuals rather than the general public. The Russian hackers had sent out several emails containing booby-trapped links to phishing pages that stole passwords to people related to the DNC. People who clocked on tiny.cc and bit.ly concealed URLs surrendered the control of their personal computer and also the DNC network to the hackers.

Aurora

Operation Aurora had been a series of cyber-attacks that aimed at several organizations such as Juniper Networks, Adobe Systems, and Rackspace. As per the media reports, there were other organizations among the targets like,

• Dow Chemical
• Yahoo
• Morgan Stanley
• Northrop Grumman
• Symantec

Elderwood Group conducted the advanced level persistent threat that is based in Beijing and had an association with the People’s Liberation Army. The attacks had started in 2009 and had been disclosed for the first time by Google through a blog post on January 12, 2010. The discovery was related to the main goal of the attack. The principal aim was to gain access to and modify the source code repository at these defense, security, and high-tech contractor enterprises.