Zero day vulnerability discoveries are rising
- Sep 23, 2022
- 1 min read
Updated: Sep 25, 2022
Zero day vulnerabilities are usually exploited by states or state sponsored actors to spy on enemies, perceived or real. Weaponized zero-days are routinely marketed by outfits such as NSO Group, and probably represent the biggest threat to privacy worldwide.
Two projects are doing a good job in researching, discovering and making zero-days known to vendors so they can react: The Zero Day Initiative (ZDI) and Google Project Zero.
Both are finding that the number of discovered zero days is rising. Project Zero found 58 in-the-wild 0-days in 2021, the most ever recorded since they began tracking in mid-2014. ZDI is also seeing an uptick and reports record numbers for 2021.
Although the rise may be seen as a bad trend, Google Project Zero points it is most likely due to increased detection capabilities and disclosure of these 0-days, rather than simply increased usage of 0-day exploits. That's a good thing.
![[Webinar] NIS2 is Here - What Now?](https://static.wixstatic.com/media/6681e7_beb47411e54f424c8b934c85bd5b487b~mv2.png/v1/fill/w_1000,h_1000,fp_0.50_0.50,q_35,blur_30,enc_avif,quality_auto/6681e7_beb47411e54f424c8b934c85bd5b487b~mv2.png)
![[Webinar] NIS2 is Here - What Now?](https://static.wixstatic.com/media/6681e7_beb47411e54f424c8b934c85bd5b487b~mv2.png/v1/fill/w_1220,h_1220,fp_0.50_0.50,q_95,enc_avif,quality_auto/6681e7_beb47411e54f424c8b934c85bd5b487b~mv2.png)
