<pie_>
Unfortunately, public 0-day reports rarely include captured exploits, which could provide invaluable insight into exploitation techniques and design decisions made by real-world attackers. In addition, we believe there to be a gap in the security community’s ability to detect 0-day exploits." "Therefore, Project Zero has recently launched our own initiative aimed at researching new ways to detect 0-day exploits in the wild. Through
<pie_>
partnering with the Google Threat Analysis Group (TAG), one of the first results of this initiative was the discovery of a watering hole attack in Q1 2020 performed by a highly sophisticated actor.
<pie_>
We discovered two exploit servers delivering different exploit chains via watering hole attacks. One server targeted Windows users, the other targeted Android. Both the Windows and the Android servers used Chrome exploits for the initial remote code execution. The exploits for Chrome and Windows included 0-days. For Android, the exploit chains used publicly known n-day exploits. Based on the actor's sophistication, we think it's likely that
<pie_>
they had access to Android 0-days, but we didn't discover any in our analysis. [...] We understand this attacker to be operating a complex targeting infrastructure, though it didn't seem to be used every time. [...] We believe that teams of experts have designed and developed these exploit chains. We hope this blog post series provides others with an in-depth look at exploitation from a real world, mature, and presumably well-resourced
<pie_>
actor.
<pie_>
hm strange, isn't this actually news from yesterday? :P
puck has quit [Quit: nya]
puck has joined #spectrum
tilpner has quit [Remote host closed the connection]
tilpner has joined #spectrum
jpds has quit [Remote host closed the connection]
jpds has joined #spectrum
<pie_>
I wonder if one of these days Google is going to end up writing their own font renderer
cole-h has joined #spectrum
jpds has quit [Remote host closed the connection]
jpds has joined #spectrum
cole-h has quit [Quit: Goodbye]
cole-h has joined #spectrum
tilpner has quit [Remote host closed the connection]
tilpner has joined #spectrum
jpds has quit [Remote host closed the connection]
jpds has joined #spectrum
<pie_>
does anyone have a threat model for text editors?