![[The AI Show Episode 145]: OpenAI Releases o3 and o4-mini, AI Is Causing “Quiet Layoffs,” Executive Order on Youth AI Education & GPT-4o’s Controversial Update](https://www.marketingaiinstitute.com/hubfs/ep%20145%20cover.png)
.jpg?#)
_NicoElNino_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![Standalone Meta AI App Released for iPhone [Download]](https://www.iclarified.com/images/news/97157/97157/97157-640.jpg)
Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild
Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the global cybersecurity landscape. While this figure decreases from the 98 zero-days observed in 2023, it still represents a significant increase from the 63 tracked in 2022, underscoring […] The post Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.
Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the global cybersecurity landscape.
While this figure decreases from the 98 zero-days observed in 2023, it still represents a significant increase from the 63 tracked in 2022, underscoring a persistent and gradually growing threat.
Enterprise Attacks Surge, Browser
Exploitation increasingly targets enterprise-focused technologies, with 44% of identified zero-days affecting enterprise products in 2024, compared to 37% in 2023.
“Attackers are intentionally targeting products that can provide expansive access and fewer opportunities for detection,” explains the GTIG report.
Security and networking products have become particularly attractive targets, accounting for 60% of enterprise zero-day exploitation.
Microsoft Windows remains the most exploited platform with 22 zero-days in 2024, continuing its upward trajectory from 16 vulnerabilities in 2023 and 13 in 2022.
Meanwhile, traditional targets like browsers and mobile devices saw notable decreases in exploitation, with browser vulnerabilities dropping from 17 to 11 and mobile vulnerabilities declining from 17 to 9 compared to the previous year.
Exploitation Methods
The report highlights three predominant vulnerability types: use-after-free (8 cases), command injection (8 cases), and cross-site scripting (XSS) (6 cases).
These vulnerabilities primarily enabled remote code execution and privilege escalation attacks, accounting for over half of the total exploits tracked.
Among the most sophisticated exploits documented was a WebKit exploit chain (CVE-2024-44308, CVE-2024-44309) targeting macOS users on Intel hardware.
This attack, discovered on a compromised Ukrainian diplomatic website, specifically harvested login.microsoftonline.com cookies.
Another significant exploit chain combined Firefox vulnerability CVE-2024-9680 with Windows privilege escalation vulnerability CVE-2024-49039, allowing attackers to elevate from low integrity to SYSTEM privileges by exploiting weaknesses in Windows Task Scheduler.
Attribution analysis reveals espionage actors remain the primary users of zero-day exploits, responsible for 53% of attributed attacks.
The People’s Republic of China (PRC) and North Korean state actors each exploited five zero-days, while commercial surveillance vendors (CSVs) were linked to eight exploits.
“North Korean groups are notorious for their overlaps in targeting scope, tactics, techniques, and procedures that demonstrate how various intrusion sets support the operations of other activity clusters and mix traditional espionage operations with attempts to fund the regime,” notes the report.
GTIG warns that zero-day exploitation will likely continue to increase gradually, with enterprise software and appliances being targeted further.
The report recommends that organizations implement zero-trust fundamentals, including least-privilege access and network segmentation, while vendors should prioritize secure coding practices and architectural improvements.
“Zero-day exploitation will ultimately be dictated by vendors’ decisions and ability to counter threat actors’ objectives and pursuits,” concludes the report, emphasizing the critical role that proactive security measures will play in mitigating these sophisticated threats.
As attackers diversify their targets and techniques, vendors and organizations must adapt rapidly to mitigate the risks posed by these sophisticated threats.
Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
The post Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.
