AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

The rise of zero-day exploits in 2023: An in-depth look

A worrying increase that calls for a decisive reaction from the cybersecurity sector

In 2023, cyber attacks via zero-day exploits increased by 50% to 97 cases. These attacks, primarily targeting popular platforms and devices, are often linked to government espionage. Google and Mandiant highlight the need to strengthen security.

This pill is also available in Italian language

Recent revelations from Google highlight a marked increase in the use of exploits based on zero-day vulnerabilities, with a total of 97 cases identified in 2023, marking an approximate increase of 50% compared to the previous year. This type of attack, which exploits security gaps not yet known to defenders, is particularly insidious as it leaves victims zero days to react. TAG, the cybersecurity division of Google, and Mandiant, a leading cybersecurity company acquired by Google in 2022, collaborated on this study that sheds light on the growing threat.

The main victims of zero-day exploits

The research highlights the orientation of these attacks towards widely used platforms and devices, with particular attention to smartphones, browsers such as Chrome and Safari, operating systems and web applications. Even if Windows remains the most affected system with 17 exploits, it is Safari that highlights the most significant increase: from 3 to 11 exploits in just one year. Android and iOS show similar numbers with 9 exploits each, but Android is seeing the most growth. Chrome, despite being more widespread than Safari, has seen a decrease in the number of exploits, while macOS and Firefox have not recorded any new cases.

The reasons behind the escalation

The study by Google and Mandiant reveals that the main motive behind the exponential increase in zero-day exploits is government espionage operations. The investigation identified specific motivations behind 58 of the 97 exploits analyzed, and in 48 of these, the shadow of foreign governments, primarily North Korea, Russia and China, was evident. While a portion of the attacks were aimed at monetary gain, these represent a minority in the overall context of the threats identified.

The response to the growing threat

The pressing need to address exploits based on zero-day vulnerabilities requires coordinated and rapid action from the cybersecurity community. The publication of the study by TAG and Mandiant aims to further raise public and professional awareness, promoting in-depth knowledge of the threats and accelerating the development of mitigation strategies. This wave of attacks highlights the importance of increasingly sophisticated security protocols and constantly updating defenses to protect sensitive data and critical infrastructure.

Follow us on Telegram for more pills like this

03/30/2024 14:03

Editorial AI

Last pills

Large-scale data leak for Dell: impacts and responsesData of 49 million users exposed: IT security and privacy concerns

Microsoft strengthens cybersecurityNew policies and accountability measures to strengthen cybersecurity at Microsoft

"Emerging Threat: Social Media Platforms Vulnerable to New Exploit"New critical exploit discovered that threatens the security of millions of users of social platforms

Critical VPN flaw discovered: the TunnelVision attackA new type of DHCP attack threatens the security of VPN networks by exposing user data