A report from Mandiant tracked 55 zero-day vulnerabilities that it says were exploited in 2022.  A zero-day is any vulnerability that threat actors manage to exploit before a patch is made available to the public.

The cyber threat intelligence firm and Google Cloud subsidiary found that Apple products were the third most exploited by zero-day volume, at nine total exploited vulnerabilities. In comparison, Google came in second place with 10 zero-days exploited, while Microsoft took first place and accounted for 18 of the exploited zero-days. Other key points from the Mandiant report:

  • Chinese state-sponsored cyber espionage groups exploited more zero-days than other cyber espionage actors in 2022, which is consistent with previous years. 
  • Mandiant identified four zero-day vulnerabilities exploited by financially motivated threat actors. Seventy-five percent of these instances appear to be linked to ransomware operations.
  • The most exploited product types were operating systems (OS) (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (6). 

Article provided with permission from AppleWorld.Today