connect.riskxchange.co
2606:4700::6812:162a  Public Scan

URL: https://connect.riskxchange.co/c/news/2021-had-a-record-number-of-0-day-exploits-according-to-google
Submission: On May 11 via api from CH — Scanned from DE

Form analysis 1 forms found in the DOM

<form>
  <div class="search-input-wrapper">
    <div data-controller="autocomplete" data-autocomplete-url="/communities/search">
      <input type="text" name="search" placeholder="Search" data-name="v1-search" data-target="autocomplete.input" data-action="keyup->search#fetchResults keydown->search#navigateResults" autocomplete="off" spellcheck="false">
      <input type="hidden" name="search_select" data-target="autocomplete.hidden">
      <ul class="search-results search-results--desktop" data-target="autocomplete.results" hidden=""></ul>
      <div class="hidden search-input__clear" data-target="autocomplete.clear" data-action="click->autocomplete#clear">
        <svg class="icon icon-clear " viewBox="0 0 24 24">
          <use xlink:href="#icon-clear"></use>
        </svg>
      </div>
    </div>
    <svg class="icon icon-search search-icon" viewBox="0 0 24 24">
      <use xlink:href="#icon-search"></use>
    </svg>
  </div>
</form>

Text Content

R RiskXchange Connect

2021 HAD A RECORD NUMBER OF 0-DAY EXPLOITS, ACCORDING TO GOOGLE

In its third annual review of zero-day exploitation, Google's Project Zero team
detected a staggering 58 known security holes used in 2021.

That is officially the highest number recorded since the team started tracking
0-days in 2014.


WHO IS PROJECT ZERO?

In short, it's a team of security researchers at Google who study zero-day
vulnerabilities in hardware and software systems in order to patch them and
spread awareness.



> "Our mission is to make 0-day hard. Zero-day will be harder when, overall,
> attackers are not able to use public methods and techniques for developing
> their 0-day exploits," says the team.


WHAT 0-DAYS WERE DETECTED?

Project Zero has reported that out of 58 known exploits, there were:
 * 39 memory corruption vulnerabilities
 * 17 use-after-free bugs
 * 6 out-of-bounds read/write bugs
 * 4 buffer overflows
 * 4 integer overflows

The platforms impacted included Chromium (Google Chrome) with 14 zero-days, of
which 10 were renderer remote code execution bugs, 2 were sandbox escapes, 1 was
an info leak, and 1 was used to open a different webpage in Android apps (other
than Chrome).


Additionally, Microsoft Windows had 10 zero-days and Apple had 6, with 5 being
iOS zero-days and 1 macOS.


THOUGHTS ON 2022

Based on their 2021 research, Project Zero has suggested the following steps to
help limit the number of 0-day exploits in 2022: 
 1. All vendors agree to disclose the in-the-wild exploitation status of
    vulnerabilities in their security bulletins.
 2. Exploit samples or detailed technical descriptions of the exploits are
    shared more widely.
 3. Continued concerted efforts on reducing memory corruption vulnerabilities or
    rendering them unexploitable. Launch mitigations that will significantly
    impact the exploitability of memory-corruption vulnerabilities.
