Compliance Challenges and Unrealistic Budgets
March 10, 2020Bounty Programs
March 10, 2020Zero-Day Exploits on the Rise
A zero-day vulnerability is a flaw within a hardware or software system that developers didn’t discover during the testing process.
A zero-day vulnerability is a flaw within a hardware or software system that developers didn’t discover during the testing process.
That vulnerability can be exploited by malware to cause all sorts of problems. Zero-days are dangerous, prized vulnerabilities, and exploiting them is a favorite activity of malicious hackers. Once the flaw is revealed, programmers have “zero days” to do anything about it.
In January 2020, a Microsoft zero-day was discovered, involving Internet Explorer, that would allow someone to gain remote access to a computer. Also in January, Chinese hackers used a zero-day in the Trend Micro OfficeScan antivirus system used by Mitsubishi Electric to gain access to the company’s network.
The Italian spyware maker Hacking Team (HT) helped bring zero-days into the spotlight when it was found selling commercial hacking software to law enforcement agencies in countries all over the world. Data leaked from HT, along with a massive dump of 400 gigabytes of internal emails, revealed a number of zero-day exploits. The HT breach helped to shine a light on a growing zero-day marketplace, with information identifying certain exploits being sold for as much as $500,000.
Tools to exploit vulnerabilities will be in greater demand in the near future.
Related trends
This trend is part of our section on Security. Other trends in this section include:
- Bounty Programs
- Magnetic Tape Supply Shortages
- Biometric Malware
- State-Sponsored Security Breaches
- Critical Infrastructure Targets
- Offensive Government Hacking
- Zero-Day Exploits on the Rise
- Zero-Knowledge Proofs Go Commercial
- Gaining Access to Backdoors
- Remote Kill Switches
- Insecure Supply Chains
- Data Manipulation Becomes The Greater Threat
- Consumer Device Targeting
- Cyber Risk Insurance
- A.I.-Powered Automated Hacking Systems
- Hijacking Internet Traffic
- DDoS Attacks on the Rise
- Third-Party Verified Identities
- Ransomware-as-a-Service
- Decentralized Hacktivists
- Targeted Attacks on Voice Interfaces
- Weird Glitches
- Open Source App Vulnerabilities
- Global Cybersecurity Pacts
- Proliferation of Darknets
This trend is related to the following industries:
Accountants, Advertising and Public Relations, Aerospace, Agriculture, Airlines, Alternative Energy Production & Services, Architectural Services, Auto Manufacturers, Banking, Bars & Restaurants, Beauty, Beer, Wine and Liquor, Book Publishers, Broadcasters, Radio and TV, Builders/General Contractors, Cable & Satellite TV Production & Distribution, Casinos/Gambling, Chemical & Related Manufacturing, Civil Servants/Public Officials, Clergy & Religious Organizations, Clothing Manufacturing, Commercial TV & Radio Stations, Construction, Corporate Boards & Directors, Covid-19/ coronavirus, CPG, Cruise Ships & Lines, Defense, Diplomacy, Doctors & Other Health Professionals, Drug Manufacturers, Education Colleges & Universities, Education K-12, Education Online, Education Trades, Electric Utilities, Entertainment Industry, Environment, Finance, Foreign & Defense Policy, Gas & Oil, Government - International, Government - National, Government - State and Local, Health Professionals, Heavy Industry, Hedge Funds, Hospitality, Hotels/Motels/Tourism, Human Resources, Information Technology, Infrastructure, Insurance, Law Enforcement, Lawyers/Law Firms/Legal Industry, Lobbyists, Luxury Retail, Magazines, Manufacturing, National Security, News Media, Non-profits/Foundations/Philanthropists, Online Media, Pharmaceuticals/Health Products, Private Equity, Professional Sports, Radio/TV Stations, Real Estate, Retail, Technology Company, Telecommunications, Trade Associations, Transportation, Travel Industry, TV Production, TV/Movies/Music, Urban Planning, Utilities, Venture Capital, Waste Management, Work (Future of)