08.04.2020
Mandiant: Zero days exploitations largely facilitated by private companies
FireEye Mandiant Threat Intelligence documented more zero-days exploited in 2019 than any of the previous three years. While not every instance of zero-day exploitation can be attributed to a tracked group, they noted that a wider range of actors appear to have gained access to these capabilities.
Mandiant noted a significant increase over time in the number of zero-days leveraged by groups suspected to be customers of companies that supply offensive cyber capabilities, as well as an increase in zero-days used against targets in the Middle East, and/or by groups with suspected ties to this region.
Going forward, Mandiant expects to see greater variety of actors using zero-days, especially as private vendors continue feeding the demand for offensive cyber weapons.