Rethinking Ransomware Payments: A Fool's Choice
Blog

Protect Your Networks from Zero-day Attacks

Technology


Zero-day attacks can be a developer’s worst nightmare. They are unknown flaws and exploits in software and systems discovered by attackers before the developers and security staff become aware of any threats. These exploits can go undiscovered for months or even years until they’re repaired.

Google’s bug hunters say they spotted 58 zero-day vulnerabilities being exploited in the wild last year, the most ever recorded since its Project Zero team started analyzing these in mid-2014.

This is more than double the earlier record of 28 zero-day exploits detected in 2015. And cybercriminals are still using the same old techniques to get away with their mischief.

Of these 58 security flaws abused last year, 56 are similar to previously known vulnerabilities. Thirty-nine, or 67 percent, were memory corruption vulnerabilities, and most of these fall into the following familiar bug classes: 

  • 17 use-after-free
  • 6 out-of-bounds read & write
  • 4 buffer overflow
  • 4 integer overflow

Of the vulnerabilities examined, Chromium/Chrome had the most exploits, followed by Windows, Safari, Android, Microsoft Exchange Server, Internet Explorer and macOS/iOS.

How to secure your networks

Just as more companies continue to grow their businesses online, so, too, will the need for robust cybersecurity measures. Along with more surface-level tools like firewalls, companies should invest in three additional security measures.

  • The first is a data backup solution so that any information compromised or lost during a breach can easily be recovered from an alternate location.
  • The second is encryption software to protect sensitive data, such as employee records, client/customer information and financial statements.
  • The third solution is two-step authentication or password-security software for a business’s internal programs to reduce the likelihood of password cracking.

As you begin considering your options, it’s generally a good idea to run a risk assessment, either by yourself or with the help of an outside firm. Ready to get started? Contact Yeo & Yeo Technology today.

Source: https://www.theregister.com/2022/04/20/google_zero_days/

Want To Learn More?

Connect with one of our professionals today.