Several commercial spyware vendors developed and used zero-day exploits against iOS and Android users last year. However, their exploit chains also relied on known vulnerabilities to work, highlighting the importance of both users and device manufacturers to speed up the adoption of security patches.
“The zero-day exploits were used alongside n-day exploits and took advantage of the large time gap between the fix release and when it was fully deployed on end-user devices,” researchers with Google’s Threat Analysis Group (TAG) said in a report detailing the attack campaigns. “Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits.”
More Stories
Third of UK Supply Chain Relies on “Chinese Military” Companies
Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains Read...
Mandatory Coinbase wallet migration? It’s a phishing scam!
An ingenious phishing scam is targeting cryptocurrency investors, by posing as a mandatory wallet migration. Read more in my article...
Compliance without Complexity
Evolving Regulatory Requirements Governments across the globe have introduced new legislation to address the escalating risks of cybersecurity threats. In...
Cloudflare Introduces E2E Post-Quantum Cryptography Protections
Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats Read More
UK’s Online Safety Act: Ofcom Can Now Issue Sanctions
From March 17, Ofcom will enforce rules requiring tech platforms operating in the UK to remove illegal content, including child...
Researchers Confirm BlackLock as Eldorado Rebrand
DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the...