Threat Actors Exploit Zero Days Within 5 Days, Says Google's Mandiant
SC Media, Thursday, October 17th, 2024
In analyzing 138 actively exploited vulnerabilities in 2023, Google Mandiant reported Oct. 15 that 70% of them were zero-days, indicating that threat actors are getting much better at identifying vulnerabilities in software.
It's a worrying trend in and of itself, but what caused even more concern among security analysts was that Google Mandiant also found that the time-to-exploit (TTE) - the time it takes threat actors to exploit a flaw - was down to a mere five days in 2023 compared with 63 days in 2018-19 and 32 days in 2021-22.
'The shrinking timeline for security teams to respond to vulnerabilities presents a significant challenge,' said Patrick Tiquet, vice president, security and architecture, at Keeper Security.