News
NEW
Google, Apple, Microsoft and Norway: zero-day vulnerabilities in the spotlight
Google, Apple, Microsoft and Norway: zero-day vulnerabilities in the spotlight

Published July 31, 2023
by Jivika Lillaney

min read

Summary

    Last week, it was reported that an Apple employee had helped fix a critical issue in Google Chrome after a "zero-day" was identified during a hacking competition earlier this year. The issue was later brought to the team's attention at Google, and fixed.

    A zero-day is a software security vulnerability unknown to the software vendor, which can be leveraged by hackers to gain access to systems, exploit programs, and disrupt networks until the vendor mitigates it. The sooner zero-day attacks are identified, the easier it is to create patches and prevent them from recurring.

    Google isn’t the only major tech player to face some issues related to zero-day. Apple has recently rolled patches to mitigate and prevent zero-day flaws which were impacting iOS, iPadOS, macOS, tvOS, watchOS, and Safari. Microsoft is also investigating reports that Russian spies and cybercriminals are actively exploiting still-unpatched security flaws in its product.

    Apart from GAFAM companies, government officials have also been facing zero-days. 

    Twelve Norwegian ministries were hacked using a zero-day vulnerability earlier this month. This breach happened in the government IT system in an unnamed third-party software, leading local authorities such as the Norwegian Security and Service Organization (DSS) and National Security Authority (NSM) to launch an investigation. 

    “This vulnerability was unique, and was discovered for the very first time here in Norway (...)If we had released the information about the vulnerability too early, it could have contributed to it being misused elsewhere in Norway and in the rest of the world.” 

             - Sofie Nystrøm, director of Norway’s National Security Agency (source: Bleeping Computers)

    Norway has disclosed other cyberattacks in which Chinese and Russian state hackers targeted government websites and the country's parliament.

    Have you ever experienced a zero-day? Join the conversation in our Yes We Trust community, a free discussion group for data privacy professionals and enthusiasts, on LinkedIn:

    Go to the Yes We Trust community

    Related Articles
    Our freshest data privacy content for you
    • News

    Google faces fine in Russia of 15 million rubles │Yes We Trust

    November 16, 2023 by Jivika Lillaney

    Google faces fine in Russia of 15 million rubles

    Read Article

    • News

    Google's Bard is now available - unless you're in the EU or Canada | Yes We Trust

    May 16, 2023 by Yes We Trust

    Read Article

    • News

    2023 Wrapped with Yes We Trust │Yes We Trust

    December 28, 2023 by Jivika Lillaney

    2023 Wrapped with Yes We Trust

    Read Article

    • News

    Apple doubles down on privacy commitment with new API rules | Yes We Trust

    July 31, 2023 by Yes We Trust

    Apple new api rules

    Read Article

    • News

    Norway pushes for broader EU ban on Meta's non-consensual tracking ads │Yes We Trust

    October 11, 2023 by Jivika Lillaney

    Norway pushes for broader EU ban on Meta's non-consensual tracking ads

    Read Article

    • News

    U.S. Congress more determined than ever to ban TikTok | Yes We Trust

    March 24, 2023 by Melissa Walehiane

    Read Article