The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year
welivesecurity.comAs many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according to a report from Mandiant. The rest of the software flaws under review were exploited as n-days; i.e., vulnerabilities first exploited after patches are made available (versus zero days, which are abused before patches are released). The average time to exploit a software flaw has been shrinking considerably over the years – from 63 days in 2018-2019 all the way to only five days last year.
These and other figures in the report underscore a disconcerting trend: threat actors are rapidly getting better at spotting and weaponizing software vulnerabilities, which clearly poses an escalating threat to businesses and individuals alike.
What else did the report find and how does the market for zero-day exploits factor into the problem? Find out in the video.
Copyright of this story solely belongs to welivesecurity.com . To see the full text click HERE