Home / Technology / Zero-Day Exploits Skyrocket for Businesses
Zero-Day Exploits Skyrocket for Businesses
5 Mar
Summary
- Nearly half of zero-day exploits targeted enterprise devices last year.
- Security and networking devices like firewalls were top targets.
- Hackers used common flaws to breach defenses and steal data.
A recent analysis reveals a concerning trend in cyberattacks: 48% of zero-day exploits identified last year targeted enterprise technology. These vulnerabilities, unknown to software makers when exploited, increasingly focus on devices designed to protect corporate networks.
Top vendors like Cisco, Fortinet, Ivanti, and VMWare saw their security and networking products exploited. Hackers utilized common flaws, such as input validation issues, to bypass firewalls and VPNs, gaining access to sensitive customer data. This marks a notable increase in attacks aimed at large organizations.
Beyond network defenses, other enterprise software also fell victim. The Clop extortion gang, for instance, targeted Oracle E-Business Suite, leading to significant HR data breaches at companies including Harvard University and The Washington Post.
Meanwhile, 52% of zero-days affected consumer products from companies like Microsoft, Google, and Apple, primarily impacting operating systems and mobile devices. The report also noted a rise in exploits attributed to surveillance vendors over traditional espionage groups, suggesting a shift in government-sponsored hacking methods.
