Within just a three-month period, Kaspersky Lab technologies automatically detected a unique occurrence of three zero-day exploits in the wild. All of them were found in APT attacks in the Middle East and Asia.
Attacks that exploit zero-day vulnerabilities continue to be among the most dangerous, as they involve the exploitation of an undiscovered and unfixed weakness. This also makes them particularly difficult to detect and prevent. If such a vulnerability is found by criminals first, it can be used to create an exploit, a special malicious program that will have open access to an entire system. This "hidden threat" attack scenario is widely used by sophisticated actors in APT attacks and was used in all three of these incidents.
Security researcher Anton Ivanov is head of the team of researchers that, in collaboration with Kaspersky Lab GReAT, disclosed zero-day vulnerabilities in Microsoft Windows OS after Kaspersky Lab mechanisms detected the exploit. In this webinar, Anton will share the details of the work done by his team on the following zero-day vulnerabilities:
• CVE-2018-8453
• CVE-2018-8589
• CVE-2018-8611
Anton will elaborate on the technologies that made it possible to detect these exploits and discuss the process of searching for and finding such vulnerabilities, including both technical and ethical (such as responsible disclosure) aspects.