Zero-days in the wild: 2019 retrospective

Logo
Presented by

Boris Larin, senior security researcher at Kaspersky

About this talk

Attacks that involve zero-day vulnerabilities remain among the most dangerous with more and more investment into zero-day exploits taking place in the criminal world. Zero-day vulnerabilities involve the exploitation of an undiscovered and unfixed weaknesses, which makes them particularly difficult to detect and prevent. If such a vulnerability is found by criminals first, it can be used to create an exploit – a special malicious program that will have open access to an entire system. This “hidden threat” attack scenario is widely used by sophisticated actors in APT attacks and was used to conduct a number of incidents in 2019. Security researcher Boris Larin will present an overview of four zero-day vulnerabilities detected and disclosed by Kaspersky in 2019, following mechanisms that detected the exploit, which included Miscosoft Windows OS and Google Chrome exploits. In this session, Boris will share: •What is happening in the zero-day market •What framework was often used to implement many zero-day exploits •What work was done by him and his team when working on the following vulnerabilities: CVE-2019-0797, CVE-2019-0859, CVE-2019-1458, CVE-2019-13720
Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (252)
Subscribers (57770)
On this channel, Kaspersky experts share their knowledge and key insights into high-fidelity threat hunting and intelligence, incident management, malware analysis, reverse engineering, security solutions, and several other vital aspects of the cyberworld. To keep you up to date, the experts also provide detailed webinars and workshops on how Kaspersky security solutions and services can halt and prevent a vast range of malicious attacks conducted by cybercriminals. Kaspersky is a global cybersecurity and digital privacy company that has been providing protection for 25 years, with over 400 million users from more than 200 countries. Kaspersky experts' mission is to help you find the perfect weapon to protect against any cyberthreat, carried out by even the most sophisticated cybercriminals. Kaspersky researchers are top-notch cybersecurity and protection technology experts, who regularly take part in leading information security events worldwide as best-in-class speakers. Kaspersky’s deep threat intelligence and security expertise is constantly being transformed into innovative security solutions and services that protect businesses, critical infrastructure, governments and consumers around the globe. Subscribe and learn more about the latest cybersecurity discoveries on the threat landscape and how to defend against them. Contact us at https://www.kaspersky.com/about/contact