In 2023, Google observed a significant increase in zero-day vulnerabilities exploited in the wild, with a total of 97, which is over 50% more than in 2022. Interestingly, commercial surveillance vendors were responsible for most of these zero-day exploits targeting Google products and Android ecosystem devices. These vendors were linked to 48 zero-day exploits used in attacks last year, which amounts to roughly 50% of all such flaws exploited in the wild in 2023.
Google’s Threat Analysis Group (TAG) and Mandiant have teamed up to tackle this issue, marking the first time these two entities have collaborated on such a project.
Google’s report does not detail each individual exploit but instead analyzes the exploits from the year as a whole, looking for trends, gaps, lessons learned, and successes. This approach provides a comprehensive overview of the zero-day exploit landscape and helps inform future security strategies. The report is part of Google’s ongoing efforts to enhance transparency and foster a more secure digital environment.
read more > www.bleepingcomputer.com