Recent Zero-Day Exploits
Standard defenses are powerless against zero-day threats
Zero-day attacks are cyber attacks against software flaws that are unknown and have no patch or fix.
It’s extremely difficult to detect zero-day attacks, especially with traditional cyber defenses. Traditional security measures focus on malware signatures and URL reputation. However, with zero-day attacks, this information is, by definition, unknown. Cyber attackers are extraordinarily skilled, and their malware can go undetected on systems for months, and even years, giving them plenty of time to cause irreparable harm.
Based on recently discovered types of zero-day attacks, it has become apparent that operating system level protection is becoming less effective, watering hole attacks are becoming more common, and cyber attacks are becoming more sophisticated and better at bypassing organizational defenses.
Recent Zero-Day Exploits and Vulnerabilities
FireEye has discovered 28 out of 49 zero-day exploits since 2013.