Security Stop Press : Most Zero-Day Exploitations Are Espionage
Paul Stradling • April 3, 2024
Security Stop Press : Most Zero-Day Exploitations Are Espionage
A recent analysis by Google’s Threat Analysis Group (TAG) and Google Cloud’s Mandiant has suggested that government-backed threat actors are more likely to be behind most exploitations of zero-day vulnerabilities than money-motivated cyber criminals.
In the report outlining the findings of the analysis, of the 58 zero-days in 2023 that could be attributed to the threat actor’s motivations, 48 of them were found to be attributable to government-backed advanced persistent threat (APT) groups conducting espionage activities. Only 10 were attributed to financially motivated cyber criminals, e.g. ransomware gangs.
The report singled out the People’s Republic of China (PRC) as the state leading the way for government-backed exploitation.
A massive trove of stolen usernames and passwords totalling 16 billion records has been discovered across 30 newly uncovered databases, revealing one of the largest and most dangerous credential breaches ever recorded.
A new survey has revealed that a majority of Windows users still haven’t moved to Windows 11, despite Microsoft’s looming deadline and growing security concerns.
