- Google observed 75 zero-day bugs last year
- Most were used by stakeholders sponsored by the state
- Countries like China and North Korea were specifically mentioned
In 2024, the Google threat Intelligence Group (GTIG) discovered 75 zero day vulnerabilities and argued that the majority had been used in the state -sponsored hacking campaigns. The company made these complaints in “Hello Zero-Day My Old Friend, an operating analysis document in 2024” published recently.
In the report, Google says that the number of zero-day defects has dropped compared to 2023 (from 98 to 75). However, the trend at four years is that the zero operating rate “continues to grow at a slow but regular rate”.
While the general public devices continue to be the most attacked targets, there is an increase in opponents operating technologies specific to the company. In 2023, around a third (37%) of zero-day targeted corporate products, going to 44% last year. This, says Google, is mainly powered by the increase in the operation of networking and networking software and devices.
Governments again
In fact, zero-day vulnerabilities in security software and household appliances were a high-value target in 2024. Google says that it identified 20 safety and networking defects, which exceeded 60% of all zero day operations. Since the exploitation of these products is reflected in a more efficient and extensive system of system and network, Google expects threat stakeholders to focus on these technologies to continue to grow.
The greatest abusers of zero-day vulnerability are governments, says Google. “Between groups supported by the government and customers of commercial surveillance suppliers, actors carrying out cyber-spying operations represented more than 50% of the vulnerabilities that we could assign in 2024,” said the report.
Google distinguished China as a major actor in this regard, but also mentioned North Korea, whose agents have mixed spying with operations with financial motivation.
The number of window exploits increased to 22 (previous 16 years old), while on Safari and iOS, it fell (from 11 and 9 to 3 and 2). Android has kept his “lucky number” 7, just like Chrome. Firefox had gone from zero in 2023 to one in 2024.
Via Ars Technica
