Bleeping Computer

FEBRUARY 6, 2024

Commercial spyware vendors (CSV) were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group (TAG) discovered in 2023 and used to spy on devices worldwide. [.]

Spyware 128

Spyware Mobile 128

Security Affairs

FEBRUARY 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 Type Confusion bug, tracked as CVE-2023-4762 , to its Known Exploited Vulnerabilities (KEV) catalog.

Spyware 113

Spyware Hacking Cybersecurity Risk 113

Security Affairs

FEBRUARY 19, 2024

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia.

Government 123

Government Social Engineering Engineering Hacking 123

Security Affairs

OCTOBER 18, 2023

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR.

Cybercrime 126

Cybercrime Malware Software Hacking 126

Bleeping Computer

SEPTEMBER 12, 2023

Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks. [.]

138

138

Security Affairs

SEPTEMBER 8, 2023

North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers. The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). ” reads the advisory published by Google TAG.

Cybersecurity 114

Cybersecurity Media Accountability Software 114

Google Security

APRIL 8, 2024

The keys themselves have no location capabilities, but they may have a Bluetooth tag attached. Nearby Android devices participating in the Find My Device network report the location of the Bluetooth tag. Only the Bluetooth tag owner (and those they’ve chosen to share access with) can decrypt and view the tag’s location.

Encryption 89

Encryption Risk Architecture Mobile 89

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Google’s TAG tracked the activity of around 40 CSVs focusing on the types of software they develop. ” reads the report published by Google. ” concludes Google.

Spyware 115

Spyware Surveillance Government Software 115

Security Affairs

JULY 27, 2023

Zimbra addressed a zero-day vulnerability exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Two weeks ago Zimbra urged customers to manually install updates to fix a zero-day vulnerability , now tracked as CVE-2023-38750 , that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers.

Hacking 96

Hacking Cyber threats Risk Information Security 96

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple this week released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild.

Spyware 113

Spyware Surveillance Mobile Hacking 113

Penetration Testing

JANUARY 16, 2024

Tagged as CVE-2024-0519, this high-severity loophole marks the year’s first major security challenge for the popular... The post CVE-2024-0519: Google Chrome’s Latest Zero-Day Vulnerability appeared first on Penetration Testing.

Penetration Testing 103

Penetration Testing 103

Bleeping Computer

MARCH 29, 2023

Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' devices. [.]

Spyware 132

Spyware 132

Security Boulevard

MARCH 12, 2024

The goal is to eliminate a broad class of software defects that make up to 70 percent of all vulnerabilities, according to researchers at Microsoft and Google. The post A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity appeared first on Security Boulevard.

Software 57

Software 57

Krebs on Security

APRIL 15, 2024

Cybersecurity & Infrastructure Security Agency (CISA) warned about a remotely exploitable vulnerability with “low attack complexity” in Chirp Systems smart locks. “Chirp Systems has not responded to requests to work with CISA to mitigate this vulnerability.” is being sued by multiple U.S.

Software 270

Software Mobile Marketing Engineering 270

Security Affairs

JUNE 19, 2022

A critical vulnerability in Ninja Forms plugin potentially impacted more than one million WordPress websites. The researchers believe that this vulnerability is being actively exploited in the wild, it has been rated with a CVSS score of 9.8. The vulnerability resides in the Merge Tag feature of the plugin.

Hacking 122

Hacking Cybersecurity Information Security 122

The Hacker News

NOVEMBER 28, 2023

Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been

107

107

Security Affairs

JULY 13, 2023

Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to manually install updates to fix a zero-day vulnerability that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers.

Hacking 97

Hacking Backups Cyber threats Authentication 97

Bleeping Computer

MAY 22, 2022

Google's Threat Analysis Group (TAG) says that state-backed threat actors used five zero-day vulnerabilities to install Predator spyware developed by commercial surveillance developer Cytrox. [.].

Spyware 141

Spyware Surveillance 141

Security Affairs

DECEMBER 8, 2022

North Korea-linked APT37 group (aka ScarCruft , Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128 , in attacks aimed at South Korean users. “These malicious documents exploited an Internet Explorer 0-day vulnerability in the JScript engine, CVE-2022-41128. .

Internet 99

Internet Internet Engineering Malware 99

The Hacker News

JULY 7, 2023

Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities.

Software 91

Software 91

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware 93

Spyware Surveillance Mobile Education 93

Security Affairs

AUGUST 2, 2023

Although the leaked data itself wouldn’t be sufficient to gain complete control over the website, it could significantly simplify the process of a potential takeover for attackers, especially if they manage to identify other vulnerable endpoints. Google Tag Manager ID specifies which tag manager container should be used by the website.

Passwords 98

Passwords Accountability Mobile Hacking 98

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm.

Spyware 103

Spyware Surveillance Risk Internet 103

Bleeping Computer

NOVEMBER 30, 2022

Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a Spanish software company. [.].

Spyware 108

Spyware Software 108

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. Google’s Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. links sent over SMS to users.

Spyware 96

Spyware Surveillance Firmware Internet 96

Security Affairs

OCTOBER 25, 2023

ESET researchers pointed out that is a different vulnerability than CVE-2020-35730 , that the group exploited in other attacks. In recent attacks, the group was observed exploiting a XSS vulnerability, tracked as CVE-2023-5631 , by sending a specially crafted email message. The vulnerability affects Roundcube versions 1.6.x

Software 119

Software Government Phishing Internet 119

Security Affairs

JULY 23, 2023

Researchers reported that more than 15000 Citrix servers exposed online are likely vulnerable to attacks exploiting the vulnerability CVE-2023-3519. The IT giant warns of the availability of exploits for this vulnerability that have been observed in attacks against unmitigated appliances. reads the advisory published by CISA.

VPN 97

VPN Cyber Attacks Software Cybersecurity 97

Bleeping Computer

JANUARY 13, 2022

A privilege escalation vulnerability impacting all Windows versions that can let threat actors gain domain admin privileges through an NTLM relay attack has received unofficial patches after Microsoft tagged it as "won't fix." [.].

126

126

Security Affairs

APRIL 2, 2024

A cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin can lead to malicious script injection. Researchers from Defiant’s Wordfence research team disclosed a cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin that can lead to malicious script injection.

Accountability 125

Accountability Hacking Information Security 125

The Hacker News

JUNE 6, 2023

Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023.

Engineering 99

Engineering 99

SecureWorld News

OCTOBER 5, 2023

Zero-Day vulnerabilities refer to previously unknown security flaws that are exploited by attackers before the affected company has a chance to develop and release a software patch or fix. Notably, Qualcomm also disclosed three other critical vulnerabilities in its October 2023 bulletin : CVE-2023-24855, CVE-2023-28540, and CVE-2023-33028.

Manufacturing 106

Manufacturing Risk Software Cybersecurity 106

Security Affairs

JANUARY 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two Qlik Sense vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Surveillance 117

Surveillance Cybersecurity Hacking Risk 117

Malwarebytes

DECEMBER 12, 2023

Apple has issued emergency updates that include patches for older iOS devices concerning the two actively used zero-day vulnerabilities that were patched last week in newer devices. But both vulnerabilities were credited to Clément Lecigne of Google’s Threat Analysis Group (TAG). Updates are available for: Safari 17.2

Spyware 81

Spyware Risk Cybersecurity 81

Security Affairs

OCTOBER 18, 2022

HelpSystems, the company that developed the Cobalt Strike platform, addressed a critical remote code execution vulnerability in its software. HelpSystems, the company that developed the commercial post-exploitation toolkit Cobalt Strike, addressed a critical remote code execution vulnerability, tracked as CVE-2022-42948, in its platform.

Architecture 115

Architecture Software Hacking Information Security 115

NetSpi Technical

MARCH 11, 2024

In 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. SensePost released an excellent set of blogs (see references) digging into the vulnerabilities and underlying technologies as well as the exploitation tool, Ruler. What makes that determination?”

Authentication 145

Authentication Penetration Testing Technology Phishing 145

Security Affairs

NOVEMBER 12, 2021

Google revealed that threat actors recently exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. Pierluigi Paganini.

Malware 139

Malware Media Surveillance Encryption 139

The Hacker News

APRIL 14, 2023

Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been

Engineering 99

Engineering 99