Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day
Google security researchers shared more information on four security vulnerabilities, zero-days that were unknown until they were discovered being exploited in the wild earlier this year.
The four security flaws were found by Google Threat Analysis Group and Google Project Zero researchers after they spotted exploits abusing zero-days in Google Chrome, Internet Explorer, and WebKit, the engine used by Apple's Safari web browser.
"We tie three to a commercial surveillance vendor arming govt backed attackers and one to likely Russian APT," Google Threat Analysis Group's Director Shane Huntley said.
"Halfway into 2021, there have been 33 0-day exploits used in attacks that have been publicly disclosed this year - 11 more than the total number from 2020," Google researchers added.
This can't be said about the CVE-2021-1879 Safari flaw, which, according to Google, was used via LinkedIn Messaging "to target government officials from western European countries by sending them malicious links."
Google researchers said the attackers were part of a likely Russian government-backed actor abusing this zero-day to target iOS devices running older versions of iOS. While Google didn't link the exploit to a specific threat group, Microsoft says the culprit is Nobelium, the state-sponsored hacking group behind last year's SolarWinds supply-chain attack that led to the compromise of several US federal agencies.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-02 | CVE-2021-1879 | Cross-site Scripting vulnerability in Apple watchOS. This issue was addressed by improved management of object lifetimes. | 6.1 |