- Google observed 75 zero day errors last year
- The majority were used by actors sponsored by the State
- Countries like China and North Korea were specifically mentioned
In 2024, the Google Threat Intelligence Group (GTIG) discovered 75 zero day vulnerabilities, and argued that most were used in piracy campaigns sponsored by the State. The company made these claims in the article “Hello Zero-Day My Old Friend, an exploitation analysis of 2024” recently published.
In the report, Google says that the number of zero day failures fell compared to 2023 (from 98 to 75). However, the four -year trend is that the exploitation rate of zero day “continues to grow at a slow but stable rhythm.”
While consumption devices continue to be the most attacked objectives, there is an increase in adversaries that exploit the company’s specific technologies. In 2023, approximately one third (37%) of business products aimed at zero days, jumping at 44% last year. This, says Google, is mainly driven by the greater exploitation of software and safety and network appliances.
Governments again
In fact, zero -day vulnerabilities in security software and appliances were a high -value objective in 2024. Google says it identified 20 security and networks, which exceeded 60% of all farms of business technologies of zero days. Since the exploitation of these products results in a more efficient and extensive network commitment, Google expects the approach of threat actors in these technologies to continue growing.
The greatest abusers of zero day vulnerabilities are governments, says Google. “Between groups supported by the Government and customers of commercial surveillance suppliers, the actors who carry out cyber spying operations represented more than 50% of the vulnerabilities that we could attribute in 2024,” says the report.
Google highlighted China as an important player in this regard, but also mentioned North Korea, whose agents mixed espionage with financial motivation operations.
The number of window exploits increased to 22 (from the previous year), while in Safari and iOS fell (from 11 and 9 to 3 and 2). Android retained his “luck number” 7, as did Chrome. Firefox was zero in 2023 to one in 2024.
Through Ars Technica
