The State of Zero-Day Attacks
In 2021, eSentire’s Threat Response Unit (TRU) detected and responded to a significant increase in zero-day exploit activity in client environments. This included defending against Solarigate, ProxyLogon, ProxyShell, and most recently, preventing further compromise of client environments that had been targeted through Kaseya’s VSA product.
TRU attributes these increases to four contributing factors:
- A growing technology footprint;
- Threat actors are focusing their investments on zero-day security research;
- Mature threat hunting and detection programs have become more effective at identifying zero-day attacks;
- Security researchers are publicly disclosing more zero-day vulnerabilities.