New cyberattacks that emerged in 2024

Have you heard about Zero-Day attacks? These are new and unknown cyberattacks for which protection systems, such as antivirus software, are not yet prepared to handle.

In this article, we will detail what Zero-Day attacks are and the types that have emerged so far in 2024.

Zero-Day attacks: What are they?

These attacks exploit vulnerabilities that have not been detected even by the software distributor itself (Microsoft, Google, Adobe, etc.). Cybercriminals take advantage of these vulnerabilities to achieve their objectives before the manufacturers release a software update to fix them.

These cyberattacks are characterized by:

• Unknown vulnerability: Since the vulnerability discovered by the cybercriminal is not known to the software manufacturer, there are no specific defenses available to remedy it.
  
  

• Rapid exploitation: Once the cybercriminal finds the vulnerability, they exploit it as quickly as possible to achieve their objective before it is 'patched' by the manufacturer.
  
  

• Difficulty of detection: These attacks are difficult to detect because the vulnerability has not yet been discovered.

  In 2024, several significant zero-day attacks have been detected that have affected various platforms and applications.

Zero-Day attacks: 2024

Zero-day in Windows

Microsoft patched a zero-day in Windows that had been exploited for over a year. This attack allowed the execution of malicious scripts by bypassing built-in protections.

Read the full story by clicking the button below.

Zero-day in Google Chrome

Google has addressed multiple zero-day vulnerabilities in its Chrome browser. These attacks have been actively exploited, forcing the company to release urgent security updates.

Read the full story by clicking the button below.

Vulnerabilities en Google Pixel 

Zero-day exploits specifically targeting Google Pixel phones were discovered, highlighting threats aimed at mobile devices.

Read the full story by clicking the button below.

Dispositivos de borde de red

There has been an increase in zero-day exploits targeting network edge devices, representing a significant weak point in current security defenses.

Some examples:

• https://tecnemia.com/a/4408/Vulnerabilidad-zero-day-en-productos-VPN-de-Check-Point-compromete-redes

• https://es.wired.com/articulos/hackers-atacaron-redes-de-gobierno-en-todo-el-mundo-tras-burlar-tecnologia-de-seguridad-de-cisco

To mitigate zero-day attacks, keeping devices up to date is of utmost importance.

Reasons to keep your devices updates to prevent Zero-Day cyberattacks

• Security: Updates often include patches for security vulnerabilities that cybercriminals could exploit. Without these updates, systems are more susceptible to attacks.

• Performance improvements: Updates can optimize software performance by fixing bugs or enhancing efficiency.

• Compatibility: Updating ensures that software and devices work properly with new technologies and services.

• New features: Updates frequently introduce enhanced features that can improve user experience.

• Regulatory compliance: Keeping software updated may be necessary to meet legal regulations and industry standards, reducing legal and financial risks.

Additionally, having a cybersecurity specialist who constantly monitors your systems will help keep your system protected.