When browsing the Internet, there are many threats and security problems that we can find. They may jeopardize our security and privacy. Any type of device or operating system can be affected by this problem. However, there are also many security tools that help us resolve these types of risks. A good antivirus, for example, can prevent malware from entering. The point is that some so – called Zero-Day attacks cannot be avoided with antivirus. In this article we are going to talk about what common methods can be used in these types of attacks.
Common methods in Zero-Day attacks
What are Zero-Day attacks ? Zero-day attacks are basically attacks against an application or system in which they execute malicious code by taking advantage of existing vulnerabilities. Those bugs are unknown until then and therefore do not have patches to correct them. That gives hackers free rein.
There are many exploits on the network that take advantage of just what we say: existing vulnerabilities in an application or system. This can allow the theft of passwords, infect the computer with malware, etc. It is a major issue as there is no protection and we rely on developers to release patches quickly once they have known about the problem.
According to a report that we echo, antivirus has traditionally managed to prevent the entry of known malware. Basically they have a database of known threats and are capable of raising the alarm when they try to attack our computers. The problem comes when those antivirus programs are not able to avoid other types of threats. They mainly expose four attack methods or ways based on Zero-Day attacks.
One of the attacks is to compromise systems through brute force . Hackers can compromise a system, the network or a server using this type of attack. In this way it can attack possible failures when configuring them. It can be based on existing vulnerabilities.
Exploit kits are also very present. In this case it is a series of tools that are used to attack an application or any type of software that may be vulnerable. This way it would be easy to distribute the malware.
In addition, Phishing attacks are a very present threat that cannot be detected by antivirus, beyond being able to block certain domains and email addresses. A cyber criminal can send an email containing malicious links through which they can steal our passwords.
One variety is Spear Phishing . As we know, these are attacks that are targeted in a personalized way. It can be to a particular user or also to a company or organization. The goal is the same: distribute malware, executable software, steal passwords …
In short, these are some of the threats that can occur and that antivirus software could not avoid. It is always essential to have common sense and avoid these problems. We leave you an article where we talk about what types of Phishing attacks there are .