Enterprise Security In The Crosshairs: Google Reveals Key Zero-Day Exploitation Trends For 2024
Press Release – Google Threat Intelligence Group – GTIG
Security & networking products are emerging as prime targets because of the far-reaching access they offer, the report states. 20 of the 33 enterprise-focused vulnerabilities identified in 2024 were in these categories, including widely used platforms from …
The Google Threat Intelligence Group (GTIG) has released its latest annual analysis of zero-day vulnerabilities, revealing a shift in cybercriminal focus toward enterprise technologies, while overall zero-day exploitation remains on an upward trend.
In its report 'Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis,' GTIG tracked 75 zero-day vulnerabilities that were exploited in the wild last year. While that figure marks a decrease from 98 in 2023, it remains higher than the 63 vulnerabilities recorded in 2022—continuing a four-year trend of gradual growth.
A zero-day is defined as a software vulnerability that is exploited before the affected vendor has released a patch. These flaws are highly sought after by both nation-state actors and financially motivated cybercriminals due to the stealth and system access they can provide.
Enterprise Tech in the Firing Line
In a notable shift, 2024 saw a significant increase in zero-day exploitation targeting enterprise-focused technologies. These include security software, network appliances, and business infrastructure tools. GTIG found that 44% of all tracked zero-days in 2024 targeted enterprise technologies—up from 37% in 2023.
'Security and networking products are emerging as prime targets because of the far-reaching access they offer,' the report states. Twenty of the 33 enterprise-focused vulnerabilities identified in 2024 were in these categories, including widely used platforms from Ivanti, Palo Alto Networks, and Cisco.
While the absolute number of exploited enterprise vulnerabilities dropped slightly from the previous year, the proportional increase signals a deeper trend: attackers are prioritising systems that offer expansive access and limited monitoring, particularly where endpoint detection tools may not be effective.
Browsers and Mobiles See Decline
In contrast, the report observed a marked decrease in zero-day exploitation of browsers and mobile devices—down by about one-third and one-half respectively. Exploitation of the Chrome browser remained most common among end-user platforms, with Android devices continuing to be compromised via flaws in third-party components.
Microsoft Windows saw a continued rise in exploitation, with 22 zero-days tracked in 2024, compared to 16 in 2023 and 13 in 2022. GTIG anticipates that Windows will remain a persistent target due to its dominance across home and professional environments.
Espionage Remains a Driving Force
Of the 75 zero-day vulnerabilities tracked, GTIG was able to attribute 34 to specific threat actors. Over half of these (18 vulnerabilities) were tied to espionage operations—either from nation-state groups or clients of commercial surveillance vendors (CSVs). Chinese-backed groups were linked to five exploits, focusing almost exclusively on security and network devices, while North Korean actors matched that number for the first time, combining espionage with financially motivated campaigns.
Meanwhile, forensic surveillance tools developed by vendors such as Cellebrite were linked to chains of zero-day exploits requiring physical access to mobile devices, reinforcing concerns around the misuse of commercial spyware technologies.
Financial Motivation Still Present
Although espionage operations dominate attribution, financially driven actors also played a notable role. Groups such as the suspected FIN11 cluster were linked to multiple attacks on enterprise file transfer systems, using zero-days to conduct data theft and extortion.
A Call for Greater Vendor Vigilance
While some historically popular targets saw fewer attacks in 2024, the report emphasises that this is not necessarily a sign of safety. Rather, it may reflect the growing effectiveness of vendor mitigation strategies, and a redirection of attacker focus to areas with less robust defences.
'Attackers continue to exploit well-known classes of vulnerabilities—such as command injection, use-after-free, and cross-site scripting—highlighting the need for stronger coding standards and preventative practices,' GTIG said.
With enterprise vendors now more frequently in the crosshairs, Google urges all technology providers to evolve their security postures, especially those offering products that serve as central infrastructure within business environments.
The full report, including in-depth technical analysis and recommendations for defenders, is available on the Google Threat Intelligence blog. A companion webinar is scheduled for later this month, offering further insight into these findings.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
RNZ News
3 days ago
- RNZ News
Google makes case for keeping Chrome browser
By Thomas Urbain , AFP Photo: AFP / Anadolu Agency Google has urged a US judge to reject the notion of making it spin off its Chrome browser to weaken its dominance in online search. Rival attorneys made their final arguments on Friday (local time), before US District Court Judge Amit Mehta, who is considering imposing "remedies", after a landmark decision last year that Google maintained an illegal monopoly in search . US government attorneys have called on Mehta to order Google to divest itself of Chrome browser, contending that artificial intelligence is poised to ramp up the tech giant's dominance as the go-to window into the internet. They also want Google barred from agreements with partners like Apple and Samsung to distribute its search tools, which was the focus of the suit against the Silicon Valley internet giant. Three weeks of testimony ended early in May, with Friday devoted to rival sides parsing points of law and making their arguments before Mehta in a Washington courtroom. John Schmidtlein, an attorney for Google, told Mehta no evidence was presented showing people would have opted for a different search engine without the exclusivity deals in place. Schmidtlein noted that Verizon installed Chrome on smartphones, even though the US telecom titan owned Yahoo! search engine and was not bound by a contract with Google. Of the 100 or so witnesses heard at trial, not one said "if I had more flexibility, I would have installed Bing" search engine from Microsoft, the Google attorney told the judge. Department of Justice (DOJ) attorney David Dahlquist countered that Apple, which was paid billions of dollars to make Chrome the default browser on iPhones, "repeatedly asked for more flexibility", but was denied by Google. Google contends that the US has gone way beyond the scope of the suit by recommending a spinoff of Chrome and holding open the option to force a sale of its Android mobile operating system. "Forcing the sale of Chrome or banning default agreements wouldn't foster competition," said Cato Institute senior fellow in technology policy Jennifer Huddleston. "It would hobble innovation, hurt smaller players and leave users with worse products." Google attorney Schmidtlein noted that more than 80 percent of Chrome users are outside the US, meaning divestiture would have global ramifications. "Any divested Chrome would be a shadow of the current Chrome," he contended. "Once we are in that world, I don't see how you can say anybody is better off." The potential of Chrome being weakened or spun off comes as rivals like Microsoft, ChatGPT and Perplexity put generative artificial intelligence (AI) to work, fetching information from the internet in response to user queries. The online search antitrust suit was filed against Google some five years ago, before ChatGPT made its debut, triggering AI fervour. Google is among the tech companies investing heavily to be a leader in AI, and is weaving the technology into search and other online offerings. Testimony at trial included Apple Vice President of Services, Eddy Cue, revealing that Google's search traffic on Apple devices declined in April for the first time in more than two decades. Cue testified that Google was losing ground to AI alternatives like ChatGPT and Perplexity. Mehta pressed rival attorneys regarding the potential for Google to share data as proposed by the DOJ in its recommended remedies. "We're not looking to kneecap Google, but we are looking to make sure someone can compete with Google," DOJ attorney Adam Severt told the judge. Schmidtlein contended that data Google is being asked to share contains more than just information about people's online searches, saying it would be tantamount to handing over the fruit of investments made over the course of decades. "There are countless algorithms that Google engineers have invented that have nothing to do with click and query data," Schmidtlein said. "Their remedy said we want to be on par with all of your ingenuity and, respectfully your honour, that is not proportional to the conduct of this case." - AFP
Techday NZ
6 days ago
- Techday NZ
ExtensionPedia launches with risk scores for 200K browser add-ons
LayerX Security has launched ExtensionPedia, an online resource designed to provide security evaluations for over 200,000 browser extensions. The new platform provides individuals and enterprises with detailed risk assessments for browser extensions available for Chrome, Edge, and Firefox, enabling users to review security scores before installation. ExtensionPedia also includes a knowledge centre featuring guidance on mitigating threats from malicious browser extensions. Malicious browser extensions have been cited as a significant but overlooked identity security risk affecting both home and workplace users. Recent incidents, including multiple breaches over the past six months, have reportedly exposed nearly ten million users worldwide to risks such as identity theft and data leakage via compromised extensions. These risks have prompted warnings from law enforcement agencies such as the FBI. One of the challenges users face is the complexity of extension trustworthiness, as extensions can be developed, modified, or compromised by malicious actors and redistributed widely. Access to complete, impartial risk information on individual extensions has not typically been available to the general public or organisations. Extension stores typically apply only baseline verification processes to detect obvious malicious indicators in extensions. Deeper investigations into suspicious behaviour or complex risks usually fall outside their standard review procedures. Or Eshed, Co-Founder and Chief Executive Officer of LayerX, explained the rationale behind the launch of ExtensionPedia: "While browser extensions are often considered harmless, in practice they are frequently granted extensive access permissions to users' identity information and data, leading hackers to use them as an attack channel for credential theft, account takeover and data theft." He added, "When someone installs a browser extension – either for personal or work – users and their organisations have no idea what permissions each extension has, how reputable the extension author is and the risk profile of the extension. Our Browser Extension Risk Database and Knowledge Centre for the first time helps get the information individuals and enterprises to protect themselves." ExtensionPedia's risk evaluations are based on anonymised data collected from millions of sessions using the LayerX platform, which operates as a user-centric extension for protecting identities directly within browsers. Key features of ExtensionPedia include access to data on over 200,000 extensions across major browsers, integration with the LayerX management console, and availability for public use online. Each extension is given a detailed score based on parameters such as permission scope and reputation risk. Users can also view a single, unified risk score incorporating all available risk factors. Additional information available through ExtensionPedia includes extension details, publisher data, and a range of articles and guides covering topics related to browser extension security and best practices for preventing malicious activity. Individuals and organisations using ExtensionPedia can search for extensions by name or unique ID, review extensions by category—including GenAI, VPN tools, and password managers—and compare risk scores. The platform offers both high-level risk assessments and more granular, detailed breakdowns, including permission access and publisher reputation. ExtensionPedia also features resources to help users educate themselves on the risks and protection strategies related to browser extensions.
Scoop
7 days ago
- Scoop
Auckland Co-op Taxis Has Been Proudly Moving People Since 1947
Press Release – Your Ride Co-op Taxis has been proudly moving people since 1947, building a reputation for unwavering reliability and community commitment in Auckland's streets. Whether you're commuting to work, working late, or coordinating transport for hundreds of conference guests, Coop Taxis delivers with precision and care. Unrivalled Fleet & Coverage 700 white, late-model vehicles —including sedans, vans, and wheelchair-accessible options—ensure you always find the right vehicle for your trip. 90% environmentally-friendly vehicles reduce emissions citywide, helping Auckland breathe easier.. 24/7 Availability Co-op Taxis ' round-the-clock Call Centre and driver network mean no request is ever off-limits—day or night. Experience consistent service, whether it's 3 AM or during the busiest rush hour. Comprehensive Service Portfolio Airport Transfers: Seamless pickups and drop-offs at Auckland Airport, every time. Corporate Accounts & Reporting: Centralised invoicing, detailed travel reports and expense tracking for businesses of all sizes. Total Mobility: Tailored transport solutions for passengers with special requirements. Event Marshalling: Professional taxi management at stadiums, conferences, and large-scale events. Smart Booking, Real-Time Tracking Booking has never been easier: Call 09 300 3000 for traditional reservations. Download the YourRide App to book and track your taxi in real time from your smartphone. Find a Rank: Use strategically located ranks across Auckland for on-the-spot pickups. YourRide App Coop Taxis proudly endorses YourRide as its preferred booking platform. With instant confirmations, live GPS tracking, in-app driver ratings, and seamless payment options, YourRide connects you to Auckland's co-operative taxi network in just a few taps—whether you're planning ahead or booking on the go. Download the YourRide App. Available on iOS and Android Select Destination Get a fare estimate Book on demand or in advance. Track Your Trip. Know exactly when your driver will arrive Rate Your Experience. Your feedback keeps us at the top of our game. Safety & Professionalism Auckland Coop Taxis is prequalified for OHS/WHS Capability under CM3 and prioritises safety through a stringent driver vetting process, mandatory fatigue management and log keeping, English language and local area knowledge requirements, invehicle security cameras, clear vehicle and driver identification, and comprehensive insurance coverage—ensuring every trip is trusted and secure. Sustainability & Community As Auckland's largest taxi company, Co-op Taxis reinvests in local initiatives, supports driver owners, and champions green transport solutions. Riding with us means backing a brand that cares about our city's future. Book Your Next Trip Trust Auckland's original taxi co-operative to get you there—safely, on time, and in comfort. Whether for personal, corporate, or event transport needs, Co-op Taxis stands ready with the fleet, technology, and expertise to exceed expectations.
