When hackers look for zero-day flaws to exploit and gain a foothold on the target endpoint (opens in new tab)they usually look at Microsoft, Google or Apple products, according to a new report from cybersecurity researchers Mandiant, which exploited claims of the top zero-day vulnerabilities last year, most focused on the big three.
Zero-days are flaws that have not yet been discovered by security researchers, hence IT teams have had zero days to patch their systems. As such, they are any hacker’s most precious asset, as misusing them does not cause alarm.
Of all the possible products that could have been targeted, the scammers kept their magnifying glass tightly focused on operating systems, web browsers, and network management products. Windows has exploited 15 vulnerabilities, Chrome nine and iOS five. MacOS rounds out the top four with four exploited zero-day vulnerabilities.
Breaking down the findings geographically, Mandiant says the majority of zero-days were exploited by Chinese state-sponsored threat actors (7), followed by the Russians (2 – one overlapping) and North Koreans (2). No provenance could be established for three. Thirteen were exploited by cyber espionage groups.
Typically, they looked for bugs that could give them escalated privileges, or ran remote code on vulnerable devices (53 out of 55 bugs).
Between edge infrastructure and cloud services, crooks were particularly interested in the former, as these products usually lack proper cybersecurity defenses and are more likely to be compromised without alerting IT teams. At the same time, as more companies migrate to the cloud, the number of zero-days released could decrease as cloud service providers report security incidents differently, Mandiant claims.
In any case, there were fewer revealed zero-day errors in 2022 (55) compared to the year before (80), and while that sounds positive, 2022 was a record breaker when it comes to the number of zero-days actively used. The researchers think the trend will only get worse this year.
Through: Beeping computer (opens in new tab)