Google's 2024 report on zero-day vulnerabilities revealed a decrease from 98 in 2023 to 75, with a significant portion targeting enterprise products. Notably, 20 flaws were found in security software alone. Exploitation of browsers and mobile devices significantly fell, with exploit chains predominantly targeting mobile platforms. Microsoft Windows recorded the highest number of flaws (22), followed by Google, Ivanti, and Apple. The report also notes that a substantial portion of exploitations were linked to state-sponsored cyber activities, showcasing the ongoing challenges in cybersecurity across various organizations.
Security and network tools and devices are designed to connect widespread systems and devices with high permissions required to manage the products and their services, making them highly valuable targets for threat actors seeking efficient access into enterprise networks.
While Microsoft Windows accounted for 22 of the zero-day flaws exploited in 2024, Apple's Safari had three, iOS had two, Android had seven, Chrome had seven, and Mozilla Firefox had one flaw that were abused during the same period.
Collection
[
|
...
]