Google’s Project Zero Says 2021 Was Year With the Most Zero-Day Exploits

Google’s Project Zero is its in-house team of cybersecurity experts and analysts, who look at advanced threats, has detected a record number of exploits in 2021. In a blog post, the team, known as Project Zero, announced that these zero-day vulnerabilities and exploits had reached a record-breaking number of 58. Project Zero was formed in 2014. In 2015, the team detected 28 exploits, which were reduced to 25 in the year 2020. A growing number of cyber-attacks and the popularity of cryptocurrency can be the reasons behind this spike. But according to Google, the spike detected, this time, is due to improvements in detecting and reporting zero-day occurrences. 

In a blog post, the Project Zero team stated that most of the zero-day exploit uses were “similar to previous publicly known vulnerabilities.” Only two events stood out for their “technological sophistication.” So, the increased number doesn’t suggest a more dangerous situation than the previous year when it comes to zero-day vulnerabilities.

If you are wondering what exactly is a zero-day vulnerability, here’s the answer. A zero-day vulnerability stands for security flaws that developers have just got to know about. As a result, they don’t have any day to fix the flaw. Undetected zero-day vulnerabilities may result in data breaches and ransomware attacks. 

While Google’s Project Zero focuses on better detection methods, it does not overlook the need to minimise the risk of zero-day vulnerabilities. Online security still remains a major concern for individual users as well as businesses.

To keep yourself protected against malware and ransomware, it’s always a good idea to keep the software updated. Software updates regularly fix the flaws that can cause some data breaches. Using a good antivirus and VPN is the next step to keeping your online activity safe and secure. 

Project Zero is striving to “make 0-day hard.” However, the team faces a challenge. The blog post added, “Unfortunately, attackers who actively use 0-day exploits do not share the 0-days they’re using or what percentage of 0-days we’re missing in our tracking, so we’ll never know exactly what proportion of 0-days are currently being found and disclosed publicly.”

Project Zero has also shared the spreadsheet where it has been tracking zero-day exploits since 2014.

Source Link

LEAVE A REPLY

Please enter your comment!
Please enter your name here