The number of zero-day vulnerabilities is increasing and heightening the risk to organizations of a potential compromise. Indeed, according to a report from Mandiant, the amount of zero-days being exploited in the wild in 2021 increased by more than 100 percent compared to the previous year. State-sponsored attackers continue to be the main actor exploiting these vulnerabilities. However, a third of adversaries abusing zero-days were financially motivated cybercriminals. The most frequent zero-day exploits included Microsoft, Apple, and Google products. Security researchers believe zero-day exploits are increasing due to many factors. First, more cloud hosting, mobile devices, and internet of things (IoT) technologies increase the volume and complexity of systems and devices, with more software leading to more flaws. Second, the development of the exploit criminal marketplace has resulted in more research into zero-days. Finally, stronger cybersecurity tools may increase the detection and reporting of zero-days. Read more at SecurityIntelligence.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!