Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystem

March 31, 2023

Read Time:39 Second

Several commercial spyware vendors developed and used zero-day exploits against iOS and Android users last year. However, their exploit chains also relied on known vulnerabilities to work, highlighting the importance of both users and device manufacturers to speed up the adoption of security patches.

“The zero-day exploits were used alongside n-day exploits and took advantage of the large time gap between the fix release and when it was fully deployed on end-user devices,” researchers with Google’s Threat Analysis Group (TAG) said in a report detailing the attack campaigns. “Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits.”

To read this article in full, please click here

Third of UK Supply Chain Relies on “Chinese Military” Companies

Mandatory Coinbase wallet migration? It’s a phishing scam!

Compliance without Complexity

Cloudflare Introduces E2E Post-Quantum Cryptography Protections

UK’s Online Safety Act: Ofcom Can Now Issue Sanctions

Researchers Confirm BlackLock as Eldorado Rebrand

Improvements in Brute Force Attacks

US Legislators Demand Transparency in Apple’s UK Backdoor Court Fight

£1M Lost as UK Social Media and Email Account Hacks Skyrocket