Friday, October 4, 2024
HomeCyber Security News41 Zero-days Exploited In-the-Wild in 2022 - Google Report

41 Zero-days Exploited In-the-Wild in 2022 – Google Report

Published on

In 2022, the detection of zero-day exploits in the wild decreased by 40% compared to the previous year. 

41 in-the-wild 0-days were detected, the second-highest count since 2014, but lower than the 69 found in 2021.

While a 40% drop appears as a security win but, the reality is more complicated than it seems. Despite the drop, 41 zero days in the wild is significant, and declining numbers don’t necessarily indicate improved product security or better detection by defenders.

- Advertisement - EHA

41 Zero-days Detected

Google’s 2020 finding of 25% exploited zero-days linked to disclosed vulnerabilities increased to over 40% in 2022, with 17 of 41 zero-days connected. Over 20% were variants of previous zero-days, seven from 2021 and one from 2020.

Detection (Source – Google)

In 2022, 18 organizations were credited across the 41 in-the-wild 0-days, highlighting the importance of a large workforce tackling this problem.

Analyzing 2022 0-days, Google researchers anticipate industry focus in the following areas:-

  • Enhance patching to promptly address variants and n-days posing as 0-days.
  • Platforms adopt browser-like mitigations to reduce the exploitability of entire vulnerability classes.
  • Make sure to increase transparency and collaboration between vendors and defenders to detect exploit chains across multiple products.

The 0-days detected and disclosed in the wild serve as one of many indicators for security experts, who attribute the 40% drop from 2021 to 2022 to a mix of improvements and regressions, leading to a higher-than-average count in 2022.

Gaps between upstream vendors and downstream manufacturers enable n-days to act as 0-days due to the lack of available patches, leaving users with limited defenses. Android experiences more prevalent and extended gaps in such associations.

Zero-Days Platforms (Source – Google)

Alongside the general decrease in detected zero-days, browser zero-days reduced by 42% in 2022, possibly due to increased exploit mitigations by manufacturers and attackers shifting focus to other areas.

In 2022, attackers also favored zero-click exploits, targeting non-browser components like iMessage.

Zero-Days Browsers (Source – Google)

One-click exploits require a visible link that targets must click, potentially detectable by security tools, with the exploits hosted on a server at that link that is navigable.

In the second half of 2023, their 0-days in-the-wild program moves from Project Zero to TAG, combining vulnerability analysis, detection, and threat actor tracking expertise in one team – introducing TAG Exploits.

Keep yourself informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...