AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() The urgency with which Google responded to this zero-day vulnerability underscores the ever-present and evolving nature of online threats. These tactics were deployed to surreptitiously deliver the spyware to both Android and iOS devices, marking a troubling development in the realm of cyber espionage. ![]() The analysis of this operation uncovered a disconcerting use of various zero-day vulnerabilities and man-in-the-middle ( MitM) attacks. The operation aimed to deliver a potent piece of spyware, ominously named “Predator,” to an opposition politician in Egypt. This revelation comes hot on the heels of an announcement by Google TAG and the University of Toronto’s Citizen Lab group regarding an operation with malicious intentions. Although Google’s advisory does not delve into specifics regarding the nature of these attacks, insights from Maddie Stone, a researcher with Google TAG, reveal that the zero-day vulnerability was leveraged by a commercial surveillance vendor. ![]() What makes CVE-2023-5217 particularly concerning is that it has already been exploited in the wild. The most critical of these vulnerabilities, identified as CVE-2023-5217, has been characterized as a “heap buffer overflow in vp8 encoding in libvpx.” This security flaw was reported to the Chrome development team by Clement Lecigne, a member of Google’s Threat Analysis Group (TAG), just days before the patch’s release. While this update addresses a total of ten vulnerabilities, three of them are particularly noteworthy, according to the company’s advisory. On Tuesday, Google officially unveiled the stable channel update for Chrome, which brings the browser to version 1.132. ![]() The update, available for Windows, macOS, and Linux users, is aimed at patching a zero-day vulnerability that was reportedly exploited by a commercial spyware vendor. In a swift response to a potentially dangerous cybersecurity threat, Google has released an urgent update for its Chrome web browser. The Recent Chrome Update Follows Unveiling of Cytrox’s Predator Spyware Targeting iOS Devices of Egyptian Politician by Google TAG and University of Toronto’s Citizen Lab. ![]()
0 Comments
Read More
Leave a Reply. |