The escalating cybersecurity arms race has driven a significant rise in exploited zero-day vulnerabilities, particularly those targeting enterprise technologies. While consumer platforms have had success mitigating exploits through cybersecurity investments, enterprises face a formidable attack surface, which leaves them more vulnerable to sophisticated nation-state-backed adversaries focused on espionage-driven zero-day exploits.
The research, conducted jointly by Mandiant and Google Threat Analysis Group (TAG), highlights a 50% surge in zero-day vulnerabilities exploited in the wild in 2023 compared to the previous year. This surge is attributed to a decline in the use of n-day vulnerabilities, compelling attackers to pivot back to zero-day exploits. Furthermore, the swift and frequent discovery and disclosure of in-the-wild zero-days by researchers and vendors has contributed to the reported increase.
Notably, the report underscores the contrast between end-user platforms, whose investments in cybersecurity defenses have paid off, and enterprises, which are more vulnerable because of a complex and sprawling attack surface composed of software from multiple vendors and third-party components. Cybercrime groups have heavily targeted security software such as Barracuda Email Security Gateway, Cisco Adaptive Security Appliance, Ivanti Endpoint Manager Mobile and Sentry, and Trend Micro Apex One, capitalizing on the high-permission access these products have within enterprise networks.