Security News > 2024 > March > Zero-day exploitation surged in 2023, Google finds
2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries and drivers, as they can affect multiple products and effectively offer more possibilities for attack.
Another interesting conclusion from Google's recent rundown of the 97 zero-days exploited in-the-wild in 2023 is that there's a notable increase in targeting enterprise-specific technologies.
Google's MiraclePtr has made exploitation of use-after-free bugs in the Chrome browser plummet, and iOS's Lockdown Mode protects against many exploit chains seen in 2023.
Commercial surveillance vendors and APT groups involved in cyber espionage are the most prolific users of zero-day exploits.
"The People's Republic of China continues to lead the way for government-backed exploitation. PRC cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022, more than we were able to attribute to any other state and continuing a trend we've observed for multiple years," the analysts shared.
In 2023, financially motivated groups leveraged only 10 zero-days, with FIN11 being the most prolific since its pivot involving the deployment of Cl0p ransomware after exploiting of zero-days in popular enterprise file sharing solutions.
News URL
https://www.helpnetsecurity.com/2024/03/28/zero-day-exploitation-2023/
Related news
- Google: Spyware vendors behind 50% of zero-days exploited in 2023 (source)
- Miscreants are exploiting enterprise tech zero days more and more, Google warns (source)
- Google fixes Chrome zero-days exploited at Pwn2Own 2024 (source)
- Google fixes two Pixel zero-day flaws exploited by forensics firms (source)
- Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies (source)
- Google fixes one more Chrome zero-day exploited at Pwn2Own (source)