TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Google Threat Analysis Group

A review of zero-day in-the-wild exploits in 2023

James Sadowski · 2024-03-27 · Read original ↗

ATT&CK techniques detected

4 predictions
T1588.006Vulnerabilities
74%
"a review of zero - day in - the - wild exploits in 2023 a review of zero - day in - the - wild exploits in 2023 in 2023, google observed 97 zero - day vulnerabilities exploited in - the - wild. that ’ s over 50 percent more than in 2022, but still shy of 2021 ’ s record of 106. t…"
T1588.006Vulnerabilities
69%
"after - free vulnerabilities in chrome, as well as apple ’ s introduction of lockdown mode for ios, which successfully prevents exploitation of many exploit chains used in - the - wild. - attackers are now shifting focus to third - party components and libraries in 2023. zero - d…"
T1588.006Vulnerabilities
35%
"mobile devices exploited in 2023, we attributed over 60 percent to csvs that sell spyware capabilities to government customers. - the people ’ s republic of china ( prc ) continues to lead the way for government - backed exploitation. prc cyber espionage groups exploited 12 zero …"
T1588.006Vulnerabilities
31%
"result, we hope, is not only a broader assessment but clear guidance for others committed to securing the digital world. when we analyze the data, we see progress in the fight against zero - days. end user platform vendors, such as apple, google and microsoft, have made notable i…"

Summary

Today, Google released its report “We’re All in this Together: A Year in Review of Zero-Days Exploited In-the-Wild in 2023.”