A Review of Zero-Day in-the-Wild Exploits in 2023

Google

This Google report provides a year-long review of zero-day exploits in the wild in 2023. What are the trends, gaps, lessons learned and successes of 2023?

Stats on zero-day exploitation in 2023:

Google observed 97 zero-day vulnerabilities exploited in 2023 - a 50% increase over 2022, but less than the 106 recorded in 2021.
Google categorises the exploits into two categories: platforms and products like browsers and mobile devices that people use in their everyday lives, of which there were 61 vulnerabilities, and enterprise-focused technologies, of which there were 36.

Source: A review of zero-day in-the-wild exploits in 2023 (Google)

Enterprise targeting is on the rise - seeing a 64% increase between 2022 and 2023 - due to the growing exploitation of security software and appliances.
In end-user products, Windows, Safari and iOS saw the biggest increase in zero-days. The macOS operating system suffered from no zero-day vulnerabilities in 2023.

Source: A review of zero-day in-the-wild exploits in 2023 (Google)

Commercial surveillance vendors, which develop and sell spyware to government customers, were responsible for 64% of zero-day exploits of mobile devices and browsers. Espionage accounted for 41.4% of the zero-day vulnerabilities.
The number of exploits helmed by financially motivated actors decreased between 2022 and 2023, standing at only 17%, a significant drop from a third of exploits in 2021.

Insights into targets:

Investments from companies on the end-user side, like Google, Microsoft, and Apple have vastly diminished the number of zero-days that malicious actors can exploit. Developing tools like Apple’s Lockdown setting, which switches a user’s device into high-security mode, has paid off.
But attacks on enterprise software—particularly security software—are only increasing. This software is of particular interest to hackers because it has a high level of permissions and access, clearing a pathway into the organisation.
Zero-day vulnerabilities in third party components also pose a major challenge for cybersecurity defenders. Their prevalence among a number of different products makes them more valuable to hackers.

Read the full report

What to read next

Back to Spotlight

06.2024 . Spotlight

Cyber Security Toolkit for Boards

Everyone in a business has a role to play in managing cybersecurity risks, but the ultimate accountability to the shareholders is with the board.

ISTARI Spotlight Ensign Cyber Threat Landscape

05.2024 . Spotlight

Cyber Threat Landscape Report 2024

What were the most prominent cyber threats of 2023 in the Asia-Pacific region, specifically in Singapore, Malaysia, Indonesia, South Korea, Australia and the Greater China Region? Source: Cyber Threat Landscape Report 2024 (Ensign) The most targeted industries…

05.2024 . Spotlight

Vignette of the Month: CEO Deepfake at WPP

What happened? Mark Read, the CEO of WPP, recently became the target of an elaborate deepfake scam.