Researchers have tracked 55 zero-day vulnerabilities that were exploited by hackers in 2022, most of them targeting Microsoft, Google and Apple products. According to information security company Mandiant, products from Microsoft, Google and Apple made up the majority of zero-day vulnerabilities in 2022, in line with previous years, and the most exploited product types were operating systems (19), followed by browsers (11) ), security, IT and network management products (10), and mobile OS (six).
Zero-day vulnerabilities are security flaws in software that are publicly disclosed or exploited before a developer is aware of it or a fix is issued. They are extremely valuable to hackers because their exploit is simple and stealthy as there are no security measures or specific monitoring to track and prevent attacks.
In terms of products targeted, Windows was hit with 15 zero-day flaws in 2022, followed by Chrome with nine actively exploited flaws, iOS with five zero-day flaws and iOS with four zero-day vulnerabilities. There was MacOS with flaws. The report noted that Chinese state-sponsored cyber espionage groups exploited more zero-days in 2022 than other cyber espionage actors combined, which is in line with previous years.
Threat actors exploited 80 zero-day flaws in various products to conduct security breaches in 2021, marking a slight decrease from the previous year. About four zero-day vulnerabilities were exploited by financially motivated threat actors, with 75 percent of these instances appearing to be associated with ransomware operations.
The report said that cyber-espionage groups exploited 13 of the 55 zero-day flaws in 2022, while Chinese cyber spies took advantage of seven.
The post Hackers target Microsoft, Google, Apple through zero-day exploit in 2022: The report appeared first on Techlusive.