Dark Web Hackers Target Zero-Day Vulnerabilities
Consumers of some of the largest US tech giants are at the mercy of dark web hackers, as of lately. With the recent revelation of a large scale number of Zero-day bug vulnerabilities, hackers can easily infiltrate tech gadgets and use them to unleash malicious codes.
Tech giants such as Google, Microsoft, Samsung, and Apple are just a few of the top electronics consumer brands that have been affected by critical bugs. The vulnerabilities that can bypass Multi Factor Authentication allow the infiltration of dark web hackers, who are notorious for launching crippling cyber hacking attacks.
Project Zero’s Ryan Schoen reported on the urgent patch for the Zero-bug trend, in accordance with each tech giant disclosure policy. And in keeping with the industry standard of quickly reporting and fixing vulnerabilities, the Project Zero disclosure is in this blog post.
Reportedly, Linux within 25 days was the quickest to get rid of the reported bugs. Google had its bug issue remedied within 44 days, and Mozilla Firefox took 46 days. In addition, Samsung Zero day bugs were fixed in 72 days, and the Microsoft tech team reported 83 days. Oracle was the slowest of the lot; its team of technicians took an average of 109 days, however, the tech company only discovered seven Zero day bugs.
Top Browsers’ Zero-day Patches Update
Amongst top open-source browsers – Google’s Chrome provides patches within the shortest time recorded at 30 days. The Mozilla Firefox team followed with 38 days, and the longest period goes to Safari with 73 days total.
With the shortest recorded time, Google’s switch from six to a four week patch release cycle did not go unnoticed by the project Zero team. The Chrome tech team was praised for their quick and stable releases of critical security updates.
Apple’s fast fix rollout was criticized for the lengthy shipping time to users of its WebKit patches. Accordingly, Schoen warned, “It leaves a very long amount of time for opportunistic dark web hackers to find the Zero-day bugs loopholes and exploit it prior to the fix being made available to users”.
However, Microsoft was blamed for its “the monthly cadence” with its rollout of ‘Patch Tuesday’ updates. With the reported monthly rollout, the company puts its consumers at risk to be targeted by dark web hackers.