shanehuntley · TEXXR

Comprehensive report from Google's threat intelligence teams on 2023 observed 0 day in the wild. There's protections we can apply now but we all need to continue to invest to make 0day harder and our systems safer countering these threats. [image]

2024-03-28 View on X

The Record

Google researchers observed 97 zero-day exploits in the wild in 2023, up 50% from 62 in 2022; 48 were used by espionage actors and 10 were financially-motivated

Jonathan Greig / The Record :

View original

“Three former employees said Google's report in 2022 blew the lid on Variston's secrecy. One of the employees said the Google report exposing Variston “might have been the beginning of the end” for the spyware maker.” Anyway... https://techcrunch.com/...

2024-02-16 View on X

TechCrunch

Sources: spyware vendor Variston is closing after Google “burned” its name publicly in 2022; source: a disgruntled staffer sent its malicious code to Google

The company's apparent demise came after Google “burned” Variston's name publicly, exposing its hacking tools. … X: Lorenzo Franceschi-Bicchierai / @lorenzofb : When Google publicl...

View original

Launching today our new report “Tool of First Resort: Israel-Hamas War in Cyber” https://blog.google/... Cyber provides a lower-cost, lower-risk way for rivals to engage in conflict, gather information, disrupt daily life, and shape public perceptions. 🧵

2024-02-14 View on X

Bloomberg

Google's TAG says a pro-Palestinian hacking group targeted Israeli software engineers to download malware ahead of October 7, in an attack dubbed Blackatom

Apple's Longest-Serving Designer to Depart Company, Adding to Exodus — Apple iMessage, Microsoft Bing Dodge EU's Big Tech Crackdown

View original

These commercial surveillance vendors are also behind half of known 0-day exploits targeting Google products as well as Android ecosystem devices. [image]

2024-02-07 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

Twitter's natural heir is finally open to the public — and it has some big ideas for social networking Shane Huntley / The Keyword : Buying Spying: How the commercial surveillance ...

View original

But first check out the full 50 page report pulling together years of work by on understanding and countering these threats. https://storage.googleapis.com/ ... Thanks @auroracath @billyleonard @_clem1 @maddiestone @az_matazz @t_gidwani @charley_snyder_ + others for the tireless work.

2024-02-07 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

Twitter's natural heir is finally open to the public — and it has some big ideas for social networking Shane Huntley / The Keyword : Buying Spying: How the commercial surveillance ...

View original

Announcing the latest report from Threat Analysis Group documents the rise of commercial surveillance vendors and the industry that threatens free speech, the free press and the open internet https://blog.google/... Some highlights below. 🧵

2024-02-07 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

Twitter's natural heir is finally open to the public — and it has some big ideas for social networking Shane Huntley / The Keyword : Buying Spying: How the commercial surveillance ...

View original

The proliferation of spyware causes real world harm. We partnered with @Jigsaw to highlight the stories of three high-risk users who attested to the fear felt when these tools were used against them. [image]

2024-02-07 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

Twitter's natural heir is finally open to the public — and it has some big ideas for social networking Shane Huntley / The Keyword : Buying Spying: How the commercial surveillance ...

View original

These commercial surveillance vendors are also behind half of known 0-day exploits targeting Google products as well as Android ecosystem devices. [image]

2024-02-06 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

The commercial spyware industry continues to supply highly advanced surveillance capabilities despite efforts to better regulate it.

View original

But first check out the full 50 page report pulling together years of work by on understanding and countering these threats. https://storage.googleapis.com/ ... Thanks @auroracath @billyleonard @_clem1 @maddiestone @az_matazz @t_gidwani @charley_snyder_ + others for the tireless work.

2024-02-06 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

The commercial spyware industry continues to supply highly advanced surveillance capabilities despite efforts to better regulate it.

View original

Announcing the latest report from Threat Analysis Group documents the rise of commercial surveillance vendors and the industry that threatens free speech, the free press and the open internet https://blog.google/... Some highlights below. 🧵

2024-02-06 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

The commercial spyware industry continues to supply highly advanced surveillance capabilities despite efforts to better regulate it.

View original

The proliferation of spyware causes real world harm. We partnered with @Jigsaw to highlight the stories of three high-risk users who attested to the fear felt when these tools were used against them. [image]

2024-02-06 View on X

CyberScoop

Google's TAG publishes a report on commercial spyware, detailing ~40 vendors, and says global governments should take more aggressive steps to combat spyware

The commercial spyware industry continues to supply highly advanced surveillance capabilities despite efforts to better regulate it.

View original

Sad “Reuters has temporarily removed the article “How an Indian startup hacked the world” to comply with a preliminary court order issued on Dec. 4, 2023, in a district court in New Delhi, India. Reuters stands by its reporting...” https://www.reuters.com/...

2023-12-07 View on X

Reuters

Reuters temporarily removes its article titled “How an Indian startup hacked the world” to comply with an Indian court order, and plans to appeal the decision

Reuters has temporarily removed the article “How an Indian startup hacked the world” to comply with a preliminary court order issued …

View original

North Korea 🇰🇵 thinks it's easier to steal 0day from researchers than to find it themselves. If you are doing security research or have privileged access you have to assume you could be targeted at some point by a nation state.

2023-09-10 View on X

Ars Technica

Google says North Korea-backed hackers are again targeting security researchers via a zero-day exploit; this still unfixed flaw is in a popular software package

Google researchers say currently unfixed vulnerability affects a popular software package. — North Korea-backed hackers …

View original

North Korea 🇰🇵 thinks it's easier to steal 0day from researchers than to find it themselves. If you are doing security research or have privileged access you have to assume you could be targeted at some point by a nation state.

2023-09-09 View on X

Ars Technica

Google says North Korea-backed hackers are targeting security researchers with an exploit using a currently unfixed zero-day flaw in a popular software package

Google researchers say currently unfixed vulnerability affects a popular software package. — North Korea-backed hackers …

View original

7 Apr: iOS/Mac 0day in the wild patched https://support.apple.com/... 14 Apr: Chrome 0day in the wild patched https://chromereleases.googleblog.com/ ... Both found by @_clem1 (TAG). Two different surveillance vendors. Great finds! Great fast patching! 👍 Wish these weren't so common though. 😔

2023-04-17 View on X

BleepingComputer

Google rolls out a Chrome security update to patch a zero-day, exploited in the wild, due to a high-severity type confusion weakness in the V8 JavaScript engine

Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year.

View original

7 Apr: iOS/Mac 0day in the wild patched https://support.apple.com/... 14 Apr: Chrome 0day in the wild patched https://chromereleases.googleblog.com/ ... Both found by @_clem1 (TAG). Two different surveillance vendors. Great finds! Great fast patching! 👍 Wish these weren't so common though. 😔

2023-04-16 View on X

BleepingComputer

Google rolls out a Chrome security update to patch a zero-day, exploited in the wild, due to a high-severity type confusion weakness in the V8 JavaScript engine

Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year.

View original

Hey Bing AI: Define shady and desperate. Sure, here you go: https://www.neowin.net/...

2023-02-22 View on X

9to5Google

Microsoft appears to be injecting ads for Edge on a Google.com website when users download Chrome using the latest Edge Canary preview on Windows

Microsoft sees its browser as an important aspect and entry point for the new Bing. Microsoft Edge on Windows is now showing a rather aggrieve ad …

View original

“Fog of War: How the Ukraine conflict Transformed the Cyber Threat Landscape” TAG's biggest ever report. Along with @Mandiant and others from @Google we outline insights into changes in the cyber threat landscape triggered by the war. https://blog.google/... 1/7

2023-02-16 View on X

The Keyword

Analysis of the cyber threat landscape one year after Russia invaded Ukraine shows Russia's aggressive multi-pronged plan across five phases with mixed success

One year after the Russian invasion of Ukraine, Google TAG, Mandiant, and Trust & Safety provide insights into changes in the cyber threat landscape triggered by the war.

View original

Our colleagues at Mandiant outline the five phases of Russian Cyber operations during the war and the use of wipers and destructive attacks. 4/7 https://twitter.com/...

2023-02-16 View on X

The Keyword

Analysis of the cyber threat landscape one year after Russia invaded Ukraine shows Russia's aggressive multi-pronged plan across five phases with mixed success

One year after the Russian invasion of Ukraine, Google TAG, Mandiant, and Trust & Safety provide insights into changes in the cyber threat landscape triggered by the war.

View original

Russian government-backed attackers ramped up cyber operations beginning in 2021 during the run up to the invasion. In 2022, Russia increased targeting of users in Ukraine by 250% compared to 2020. Targeting of users in NATO countries increased over 300% in the same period. 3/7 https://twitter.com/...

2023-02-16 View on X

The Keyword

Analysis of the cyber threat landscape one year after Russia invaded Ukraine shows Russia's aggressive multi-pronged plan across five phases with mixed success

One year after the Russian invasion of Ukraine, Google TAG, Mandiant, and Trust & Safety provide insights into changes in the cyber threat landscape triggered by the war.

View original