Latest News: Binary Defense Launches “MDR Plus” — A New Holistic Approach to Advanced Threat Management

Get Informed

Search

Google Discloses Hacking Campaign with Windows, Android Targets

Recently, as first reported by Bleeping Computer, Google’s Project Zero identified and revealed a hacking campaign used by a “highly sophisticated actor” which targeted Windows and Android users with zero-day and n-day exploits.  By uncovering two exploit servers used in watering hole attacks, Project Zero researchers were able to uncover several of the exploits used by these threat actors including:

  • Renderer exploits for 4 bugs in Chrome, with one bug being a zero-day.
  • 2 sandbox escape exploits abusing 3 Windows zero-days.
  • A privilege escalation kit used for older versions of Android.

All bugs have since received patches after Project Zero’s discovery.

Analyst Notes

Since zero-days are fairly hard to anticipate, Binary Defense recommends employing a 24/7 SOC monitoring solution (like Binary Defense’s own Security Operations Task Force), as the zero-days may perform file/registry writes that produce alertable events.
https://www.bleepingcomputer.com/news/security/google-discloses-hacking-campaign-targeting-windows-android-users/