Commercial Spyware Vendors Have a Copycat in Top Russian APT

August 30, 2024 at 01:42PM APT29, also known as Cozy Bear and Midnight Blizzard, conducted exploit campaigns using n-day mobile exploits previously employed by commercial spyware vendors. Google’s Threat Analysis Group found that these campaigns were initiated through a watering hole attack on Mongolian government websites, aiming to compromise devices by exploiting iOS and Android vulnerabilities. …

Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa

August 29, 2024 at 09:48AM Google TAG has identified evidence of Russian state-backed hackers using iOS and Chrome exploits previously associated with commercial spyware vendors NSO Group and Intellexa. These exploits have been used in high-profile corporate hacks, including a breach at Microsoft. The hackers have been observed using exploits against iOS and Android devices, …

Google raps Iran’s APT42 for raining down spear-phishing attacks

August 15, 2024 at 12:30PM Google confirmed Iranian cyber influence activity targeting US political figures, including Trump, Biden, and Harris, with phishing tactics and social engineering. APT42, part of the Iranian Revolutionary Guard Corps, used “Cluster C” phishing activity and Bitly links to target officials. Similar attacks were observed on Israeli officials, themed around the …

Google says spyware vendors behind most zero-days it discovers

February 6, 2024 at 12:29PM Commercial spyware vendors were responsible for 80% of the zero-day vulnerabilities uncovered by Google’s Threat Analysis Group in 2023, enabling global device surveillance. Google monitors 40 vendors to detect exploitation attempts, finding that 35 of 72 zero-day exploits over the last decade targeted its products. Notable vendors include Cy4Gate, RCS …

Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks

December 1, 2023 at 04:33PM Apple has released critical updates for iOS, iPadOS, macOS, and Safari to fix two serious security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) potentially exploited in targeted attacks. The flaws, identified by Google’s Clément Lecigne, affect a wide range of Apple devices and could allow data access and code execution. Concurrently, Google patched …

Uh-oh, update Google Chrome – exploit already out there for one of these 6 security holes

November 30, 2023 at 03:48PM Google has released an urgent Chrome update to fix six security vulnerabilities, including an actively exploited zero-day flaw (CVE-2023-6345) relating to the Skia graphics library. Spyware risks are implied. Zyxel also patched critical issues affecting NAS devices. Users are urged to promptly update Chrome to mitigate security threats. …

Apple fixes two new iOS zero-days in emergency updates

November 30, 2023 at 02:49PM Apple has patched 20 zero-day vulnerabilities in 2023, recently addressing two allowing attackers to exploit iPhones, iPads, and Macs via WebKit. The flaws enabled data access and code execution. Updates were issued for various devices and macOS versions. Google TAG identified the exploits, which historically targeted high-risk individuals. …

Google Chrome emergency update fixes 6th zero-day exploited in 2023

November 29, 2023 at 12:09PM Google released an emergency security update for Chrome, patching the sixth zero-day vulnerability of the year, CVE-2023-6345, amid active exploits. Available globally, the update fixes an integer overflow in the Skia graphics library. Google restricts exploit details to curb further misuse, especially for unpatched third-party software. …

Google Patches Seventh Chrome Zero-Day of 2023

November 29, 2023 at 08:36AM Google has patched a zero-day vulnerability (CVE-2023-6345) impacting Chrome, involving an integer overflow in the Skia graphics engine. Acknowledging active exploitation, Google’s update also fixes five other high-risk bugs, and issues $55,000 in bug bounties. This marks the seventh Chrome zero-day addressed in the year. Chrome version 119.0.6045.199/200 is being rolled …