SecurityWeek

Zero-Day Vulnerabilities Rose in 2014: Symantec

Two hundred and ninety-five – that is the combined total of days attackers were actively exploiting the five most targeted zero-days last year before they were patched, according to a new report from Symantec.

In its latest Internet Security Threat Report, Symantec painted a picture of a banner year for zero-day exploits. According to the firm, not only did the number of zero-days increase, the exploitability window grew as well: by comparison, the top five zero-days exploited in 2013 took an average of just four days apiece to be patched.

“Within four hours of the Heartbleed vulnerability becoming public, Symantec saw a surge of attackers stepping up to exploit it,” according to the report. “Reaction time has not increased at an equivalent pace. Advanced attackers continue to favor zero-day vulnerabilities to silently sneak onto victims’ computers, and 2014 had an all-time high of 24 discovered zero-day vulnerabilities. As we observed with Heartbleed, attackers moved in to exploit these vulnerabilities much faster than vendors could create and roll out patches.”

While attackers leveraged zero-days, they also continued to hit networks with targeted spear-phishing attacks. According to Symantec, those attacks increased by eight percent in 2014. Attackers appear to have gotten more precise as well – 20 percent fewer emails were used to successfully reach their targets. They also incorporated more drive-by malware downloads and other web-based exploits.

“In 2014, we saw attackers trick companies into infecting themselves by Trojanizing software updates to common programs and patiently waiting for their targets to download them,” blogged Kevin Haley, director of product management for Symantec Security Response. “Once a victim had downloaded the software update, attackers were given unfettered access to the corporate network. Highly-targeted spear-phishing attacks remained a favorite tactic for infiltrating networks, as the total number of attacks rose eight percent. What makes last year particularly interesting is the precision of these attacks. Spear-phishing attacks used 20 percent fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits.”

The year also saw an increase in ransomware attacks, which grew 113 percent. In particular, there were 45 times as many victims of crypto-ransomware attacks as in 2013, according to the report. In a recent survey from ThreatTrack Security, 30 percent of the 250 organizations polled said they would negotiate with a cyber-criminal to get their data back.

“Instead of pretending to be law enforcement seeking a fine for stolen content, as we’ve seen with traditional ransomware, crypto-ransomware holds a victim’s files, photos and other digital media hostage without masking the attacker’s intention,” Haley blogged. “The victim will be offered a key to decrypt their files, but only after paying a ransom that can range from $300-$500 with no guarantee their files will be freed. While these attacks have traditionally only plagued PCs, we’re seeing more ransomware crop up on other devices. Notably, we observed the first piece of crypto-ransomware on Android devices in 2014.”

 
