AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

The rise of zero-day exploits in 2023: An in-depth look

A worrying increase that calls for a decisive reaction from the cybersecurity sector

In 2023, cyber attacks via zero-day exploits increased by 50% to 97 cases. These attacks, primarily targeting popular platforms and devices, are often linked to government espionage. Google and Mandiant highlight the need to strengthen security.

This pill is also available in Italian language

Recent revelations from Google highlight a marked increase in the use of exploits based on zero-day vulnerabilities, with a total of 97 cases identified in 2023, marking an approximate increase of 50% compared to the previous year. This type of attack, which exploits security gaps not yet known to defenders, is particularly insidious as it leaves victims zero days to react. TAG, the cybersecurity division of Google, and Mandiant, a leading cybersecurity company acquired by Google in 2022, collaborated on this study that sheds light on the growing threat.

The main victims of zero-day exploits

The research highlights the orientation of these attacks towards widely used platforms and devices, with particular attention to smartphones, browsers such as Chrome and Safari, operating systems and web applications. Even if Windows remains the most affected system with 17 exploits, it is Safari that highlights the most significant increase: from 3 to 11 exploits in just one year. Android and iOS show similar numbers with 9 exploits each, but Android is seeing the most growth. Chrome, despite being more widespread than Safari, has seen a decrease in the number of exploits, while macOS and Firefox have not recorded any new cases.

The reasons behind the escalation

The study by Google and Mandiant reveals that the main motive behind the exponential increase in zero-day exploits is government espionage operations. The investigation identified specific motivations behind 58 of the 97 exploits analyzed, and in 48 of these, the shadow of foreign governments, primarily North Korea, Russia and China, was evident. While a portion of the attacks were aimed at monetary gain, these represent a minority in the overall context of the threats identified.

The response to the growing threat

The pressing need to address exploits based on zero-day vulnerabilities requires coordinated and rapid action from the cybersecurity community. The publication of the study by TAG and Mandiant aims to further raise public and professional awareness, promoting in-depth knowledge of the threats and accelerating the development of mitigation strategies. This wave of attacks highlights the importance of increasingly sophisticated security protocols and constantly updating defenses to protect sensitive data and critical infrastructure.

Follow us on Instagram for more pills like this

03/30/2024 14:03

Marco Verro

Last pills

Zero-day threat on Android devices: Samsung prepares a crucial updateFind out how Samsung is addressing critical Android vulnerabilities and protecting Galaxy devices from cyber threats

CrowdStrike: how a security update crippled the tech worldGlobal impact of a security update on banking, transportation and cloud services: what happened and how the crisis is being addressed

Checkmate the criminal networks: the Interpol operation that reveals the invisibleFind out how Operation Interpol exposed digital fraudsters and traffickers through extraordinary global collaboration, seizing luxury goods and false documents

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report