Zero-day vulnerabilities are more commonly used, according to the Five Eyes:

Key Findings

In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day.

Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

IBM: Identity Compromises Surge as Top Initial Access Method for Cybercriminals

February 21, 2024 0 Comments 0 tags

Compromising valid identities became the top initial access vector in 2023 while phishing dropped to second place, IBM found in a new report

Read More

Kaspersky Finds 24 Flaws in Chinese Biometric Hardware Provider

June 13, 2024 0 Comments 0 tags

A series of vulnerabilities could enable an attacker to bypass the Chinese manufacturer’s biometric access systems

Read More

Microsoft Fixes Five Zero-Days in October Patch Tuesday

October 9, 2024 0 Comments 0 tags

October’s Patch Tuesday saw Microsoft patch over 100 CVEs including five zero-day vulnerabilities

Read More