Threat actors exploiting zero-days faster than ever – Week in security with Tony Anscombe

Cyber Security

Video

The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year

As many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according to a report from Mandiant. The rest of the software flaws under review were exploited as n-days; i.e., vulnerabilities first exploited after patches are made available (versus zero days, which are abused before patches are released). The average time to exploit a software flaw has been shrinking considerably over the years – from 63 days in 2018-2019 all the way to only five days last year.

These and other figures in the report underscore a disconcerting trend: threat actors are rapidly getting better at spotting and weaponizing software vulnerabilities, which clearly poses an escalating threat to businesses and individuals alike.

What else did the report find and how does the market for zero-day exploits factor into the problem? Find out in the video.

Connect with us on FacebookTwitterLinkedIn and Instagram.

Products You May Like

Articles You May Like

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns
ESET APT Activity Report Q2 2024–Q3 2024
North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms
IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools
EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise

Leave a Reply

Your email address will not be published. Required fields are marked *