Google and ARM Tackle Android Bugs with Memory-Tagging
Threatpost
AUGUST 5, 2019
Buffer overflows, race conditions, use-after-free and more account for more than half of all vulnerabilities in the Android platform.
Threatpost
AUGUST 5, 2019
Buffer overflows, race conditions, use-after-free and more account for more than half of all vulnerabilities in the Android platform.
Security Affairs
MARCH 29, 2023
Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. Google’s Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. links sent over SMS to users.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
JULY 8, 2023
CVE-2023-26083 CVE-2021-29256 CVE-2023-2136 The CVE-2023-26083 is an Arm Mali GPU kernel driver information disclosure vulnerability that the US CISA added to its Known Exploited Vulnerabilities catalog in April 2023. An unprivileged user can exploit the flaw to gain unauthorized access to sensitive data and escalate privileges to the root.
Security Affairs
JUNE 7, 2023
June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. Security updates released this month also addressed a vulnerability, tracked as CVE-2022-22706 , that affects the Arm Mali GPU.
Security Affairs
APRIL 1, 2023
Google TAG shared indicators of compromise (IoCs) for both campaigns. Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability.
Security Affairs
APRIL 20, 2023
The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).
Security Affairs
APRIL 8, 2023
The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022.
Let's personalize your content