North Korean actors π°π΅β are targeting security researchers again including the use of at least one 0-day. IOCs in blog β¬οΈβ If you've been in contact, please reach out
| https://twitter.com/maddiestone | |
| Website | https://ragingrock.com |
Maddie Stone
- 7K Followers
- 41 Following
- 34 Posts
Security Researcher at Google Project Zero | 0-days exploited in-the-wild |
Google's 2022 Year in Review of in-the-wild 0-days is out! 4 key takeaways:
π€ N-days function like 0-days on Android
β‘οΈ 0-clicks and new browser mitigations drive down browser 0-days
π― Over 40% of itw 0-days are variants
π₯ Bug collisions are high
https://security.googleblog.com/2023/07/the-ups-and-downs-of-0-days-year-in.html
π― New RCA up for CVE-2022-4135, a Chrome itw 0-day that was patched in November!! The bug was discovered by Clement and the RCA authored by Sergei. #itw0days
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-4135.html
π New RCA up for CVE-2022-41033, a type confusion in Windows COM+ Event System Service by @tiraniddo !
#itw0days
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41033.html
Hiii! I'm taking 6 weeks off work to rest and recharge so won't be back on here until Jan. This is what I've done with my first week and a half off so far. This project will be on hold for a bit though as it's time for me to go on a surf vacation! ππ½ββοΈβ See you in 2023!
