Security News > 2024 > March > Zero-day exploitation surged in 2023, Google finds
2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries and drivers, as they can affect multiple products and effectively offer more possibilities for attack.
Another interesting conclusion from Google's recent rundown of the 97 zero-days exploited in-the-wild in 2023 is that there's a notable increase in targeting enterprise-specific technologies.
Google's MiraclePtr has made exploitation of use-after-free bugs in the Chrome browser plummet, and iOS's Lockdown Mode protects against many exploit chains seen in 2023.
Commercial surveillance vendors and APT groups involved in cyber espionage are the most prolific users of zero-day exploits.
"The People's Republic of China continues to lead the way for government-backed exploitation. PRC cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022, more than we were able to attribute to any other state and continuing a trend we've observed for multiple years," the analysts shared.
In 2023, financially motivated groups leveraged only 10 zero-days, with FIN11 being the most prolific since its pivot involving the deployment of Cl0p ransomware after exploiting of zero-days in popular enterprise file sharing solutions.
News URL
https://www.helpnetsecurity.com/2024/03/28/zero-day-exploitation-2023/
Related news
- Qualcomm zero-day under targeted exploitation (CVE-2024-43047) (source)
- Google: 70% of exploited flaws disclosed in 2023 were zero-days (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google fixes two Android zero-days used in targeted attacks (source)