Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the global cybersecurity landscape. While this figure decreases from the 98 zero-days observed in 2023, it still represents a significant increase from the 63 tracked in 2022, underscoring a persistent and gradually growing threat.

Exploitation increasingly targets enterprise-focused technologies, with 44% of identified zero-days affecting enterprise products in 2024, compared to 37% in 2023. Security and networking products have become particularly attractive targets, accounting for 60% of enterprise zero-day exploitation. Meanwhile, traditional targets like browsers and mobile devices saw notable decreases in exploitation, with browser vulnerabilities dropping from 17 to 11 and mobile vulnerabilities declining from 17 to 9 compared to the previous year. Microsoft Windows remains the most exploited platform with 22 zero-days in 2024, continuing its upward trajectory from 16 vulnerabilities in 2023 and 13 in 2022.

The People’s Republic of China (PRC) and North Korean state actors each exploited five zero-days, while commercial surveillance vendors (CSVs) were linked to eight exploits. “North Korean groups are notorious for their overlaps in targeting scope, tactics, techniques, and procedures that demonstrate how various intrusion sets support the operations of other activity clusters and mix traditional espionage operations with attempts to fund the regime,” notes the report.

Another significant exploit chain combined Firefox vulnerability CVE-2024-9680 with Windows privilege escalation vulnerability CVE-2024-49039, allowing attackers to elevate from low integrity to SYSTEM privileges by exploiting weaknesses in Windows Task Scheduler.

The report recommends that organizations implement zero-trust fundamentals, including least-privilege access and network segmentation, while vendors should prioritize secure coding practices and architectural improvements. “Zero-day exploitation will ultimately be dictated by vendors’ decisions and ability to counter threat actors’ objectives and pursuits,” concludes the report, emphasizing the critical role that proactive security measures will play in mitigating these sophisticated threats. As attackers diversify their targets and techniques, vendors and organizations must adapt rapidly to mitigate the risks posed by these sophisticated threats.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 29 Apr 2025 13:35:07 +0000