Tag Archive for: Google

Google reports a significant surge in zero-day vulnerabilities in 2023

/in


A new report released today by Google LLC’s Threat Analysis Group and Google-owned Mandiant warns that zero-day exploits have become more common amid a rise in nation-state hackers.

The report, “We’re All in this Together: A Year in Review of Zero-Days Exploited In-the-Wild in 2023,” detailed 97 zero-day vulnerabilities observed by Google in 2023, up from 62 in 2023 but down from 106 in 2021. Zero-day attacks exploit a previously unknown vulnerability in software before developers have had the opportunity to fix it.

Of the 97 zero-days tracked in 2023, 36 targeted enterprise-focused technologies, such as security software and devices, while the remaining 61 affected end-user platforms and products, such as mobile devices, operating systems, browsers and other applications.

Adversary exploitation of enterprise-specific technologies jumped 64% over the previous year, with Google also seeing a general increase in the number of enterprise vendors targeted since 2019. Attackers were seen to be shifting to third-party components and libraries in 2023, as zero-day vulnerabilities in both were found to be a prime attack surface in 2023.

Commercial surveillance vendors — companies that develop and sell tools and software designed for monitoring and gathering intelligence, often used by governments — were found to be behind 75% of known zero-day exploits targeting Google products and Android ecosystem devices in 2023. CSVs were also found to be behind 60% of the 37 zero-day vulnerabilities in browsers and mobile devices exploited in 2023.

The report alleges that China was the lead source of government-back exploitation, claiming that Chinese cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022.

Another finding in the report was surprising: The Google researchers found that exploitation associated with financially motivated actors proportionally decreased in 2023, with financially motivated actors found to account for only 10 zero-day exploits last year. Threat group FIN11 was found to be behind three of them.

“Exploiting zero-days is no longer a niche capability,” the report notes. “The proliferation of exploit technology…

Source…

Google Confirms Massive Increase In Zero-Day Vulnerabilities Exploited In Attacks Due To Spyware Vendors

/in


Google has published a new report that speaks about the significant rise in zero-day vulnerabilities that continue to be exploited in attacks from 2023.

Both its Threat Analysis Group, as well as the company’s subsidiary firm Mandiant, mentioned how the figures continue to grow as we speak and a lot of that has to do with spyware vendors.

The figures reached 97 zero-days and that stood for more than a 50% rise when you compare it to the past which was just 62. But despite such an increase, the numbers are still much lower than the rise of 106 seen back in the year 2021.

Both entities collectively witnessed 29 out of the 97 vulnerabilities. They even spoke about 61 impacted end users who made use of Google’s products and services such as mobile phones, browsers, and social media apps.

Furthermore, the rest of them were utilized to attack tech like security software and a host of other leading devices in this regard. As far as the enterprise side is concerned, there’s a mega array of vendors as well as products under target and we’re seeing more specific tech getting impacted as a result of this.

Let’s not forget how they’ve seen that as the years pass by, the faster they’re discovering the patch featuring bugs from attackers and this means shorter lifespans arising due to the exploit in question.

In 2023, plenty of threat actors made use of zero-day vulnerabilities that went up to Figure 10. And interestingly, it was China that was highlighted as being behind most of the attacks that had support from the government. Some of those entailed espionage groups from the country which was a trend moving upward.

In 2023, it was all thanks to commercial surveillance that seemed to be the culprit of these attacks that kept on targeting both Android as well as Google devices.

They include up to 75% of all those zero-day exploitations that kept on hitting the platforms. In addition to that, there were vendors

Other than that, most of the 37 zero-day vulnerabilities found on browsers as well as devices that were exploited in 2023 had Google linking close to 60% of all CSVs that keep on selling spyware to clients in the government.

Way back in February, Google revealed how so many…

Source…

Google on why it decided to offer 7 years of Android, security updates on Pixel 8 series

/in


Google Pixel 8 series launch announcement was a bit of a sweet surprise for potential buyers as the company promised 7 years of OS and security updates. Apart from a bunch of AI magic tricks and quarterly feature drops, Google went ahead with this USP to make Pixel phones stand-out from a sea of Android smartphones. Recently, one of the company executives spoke about it and why it was done.

Seang Chau, vice president – Devices & Services Software, said during a podcast that Google has active user data of its Pixel users which suggests that most people use one model for multiple years.

“So when we look at the trajectory of where the original Pixel that we launched in 2016 landed and how many people were still using the first Pixel, we saw that actually, there’s quite a good active user base until probably about the seven-year mark,” Chau said.

According to the executive, when Google realised that people have been using the phones for as long as six years, the company decided that it will support Pixel 8 and later models with a total of 7 years of OS and security updates.

How Google is able to promise this change
One of the major changes that Pixel smartphones have seen since Pixel 6 onwards is the Tensor SoC – designed by Google to undertake AI tasks and machine learning models, giving it a better control on features.

But 7 years is a long time in the smartphone industry, and to tackle hardware limitations, Chau said that by keeping features software-based, Google aims to extend the usability of older devices, allowing them to benefit from new features without needing hardware upgrades.

Recently, it was announced that Pixel 8 is also going to get some AI features that were available on Pixel 8 Pro.

Source…

Google Revealed Kernel Address Sanitizer To Harden Android Firmware

/in


Android devices are popular among hackers due to the platform’s extensive acceptance and open-source nature.

However, it has a big attack surface with over 2.5 billion active Android devices all over the world.

It also poses challenges when it comes to prompt vulnerability patching due to its fragmented ecosystem that consists of different hardware vendors and delayed software updates.

Malware distribution, surveillance, and unauthorized financial gain, or any other malicious purpose are some examples of how cybercriminals take advantage of these loopholes in security.

Recently, Google unveiled the Kernel Address Sanitizer (KASan) to strengthen the Android firmware and beyond.

Android Firmware And Beyond

KASan (Kernel Address Sanitizer) has broad applicability across firmware targets. Incorporating KASan-enabled builds into testing and fuzzing can proactively identify memory corruption vulnerabilities and stability issues before deployment on user devices.

Document

Download Free CISO’s Guide to Avoiding the Next Breach

Are you from The Team of SOC, Network Security, or Security Manager or CSO? Download Perimeter’s Guide to how cloud-based, converged network security improves security and reduces TCO.

  • Understand the importance of a zero trust strategy
  • Complete Network security Checklist
  • See why relying on a legacy VPN is no longer a viable security strategy
  • Get suggestions on how to present the move to a cloud-based network security solution
  • Explore the advantages of converged network security over legacy approaches
  • Discover the tools and technologies that maximize network security

Adapt to the changing threat landscape effortlessly with Perimeter 81’s cloud-based, unified network security platform.

Google has already leveraged KASan on firmware targets, leading to the discovery and remediation of over 40 memory safety bugs, some critically severe, through proactive vulnerability detection.

Address Sanitizer (ASan) is a compiler instrumentation tool that identifies invalid memory access bugs like out-of-bounds, use-after-free, and double-free errors during runtime. 

For user-space targets, enabling ASan is…

Source…