Zero-day attacks surged in 2021, Mandiant says

Written by
Apr 22, 2022 | CYBERSCOOP

Mandiant said that its intelligence division has documented a surge in verified zero-day exploits over the course of the last year, with 2021 accounting for 40% of zero-day attacks undertaken in the last decade.

A zero-day vulnerability is a flaw in software or hardware which threat actors identify and exploit. Attackers then release malware before a developer can create a patch to address the vulnerability.

Mandiant Intelligence on Thursday identified 80 zero-days exploited “in the wild” — that is, in active use — in 2021, more than double the previous record volume set in 2019. Mandiant said it analyzed more than 200 zero-day vulnerabilities from 2012 to 2021.

Other organizations also have reported a sharp uptick in zero-day exploits in the past year. Researchers at Google’s  Project Zero said Tuesday that they tracked 58 cases of zero-day exploits in the wild last year. Google said the number is largest they’ve found in a single year since Project Zero launched in mid-2014, attributing the figure in part to better detection.

Last year’s total from Project Zero is more than double the previous maximum of 28 in 2015. Only 25 such attacks

Read More: https://www.cyberscoop.com/zero-day-attacks-surge-2022-mandiant-google/