FireEye, a network and security analyst agency, has published a report in which it analyzes the 2013 0days exploits along with context around the threat these vulnerabilities pose to the corporate enterprise.The report also suggests preventive and remedial measures against 0day attacks.
The report writes that 0day exploits today are causing incredible loss to corporate industry. These exploit facilitates advanced attack against relatively out-dated security measures and cyber defense put up by organisations.
Last year’s Council on Foreign Relations and the U.S. Department of Labor were attacked exploiting 0days , FireEye said. FireEye further says that Looking beyond just blocking these vulnerabilities, FireEye forensics experts found that watering-hole attacks targeting specific audiences and industries are a rapidly rising trend in the attack space.
FireEyes said that during the first half of 2013, Java was common target for 0day attacks. However, in second half of the year, IE sustained increased 0day attacks. In 2013, FireEye analyzed 767,318 unique Command and Control (CnC) communications, or more than one per minute; and 22,509,176 total CnC communications, or more than one every 1.5 seconds on average.
FireEye’s latest report provides advice on how networks, incident response, and application management should be approached to deal with today’s advanced, unknown threats, and recommends that enterprises take the certain actions.
View full post on Who Got Hacked – Latest Hacking News and Security Updates