Maddie Stone

🪲 New blog from me, Clem, and Kristen on the Zimbra in-the-wild 0-day, CVE-2023-37580, discovered by TAG in the summer. We discovered 4 different campaigns using the bug against organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan.

https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/

🔮NEW RCA!! A few hours after it was patched, TAG found an ITW exploit sample for CVE-2023-36802. @benoitsevens@beta.mstdn.cf analyzed it in detail ✨

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36802.html

North Korean actors 🇰🇵​ are targeting security researchers again including the use of at least one 0-day. IOCs in blog ⬇️​ If you've been in contact, please reach out

https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/

@pheonix@fosstodon.org Not a you problem :) We're working on it

https://bugzilla.mozilla.org/show_bug.cgi?id=1845775

@pheonix@fosstodon.org I'm not sure what to say? The link is loading for me when I click. Maybe the non-direct link works? security.googleblog.com

Google's 2022 Year in Review of in-the-wild 0-days is out! 4 key takeaways:
🤖 N-days function like 0-days on Android
⚡️ 0-clicks and new browser mitigations drive down browser 0-days
👯 Over 40% of itw 0-days are variants
💥 Bug collisions are high

#itw0days

https://security.googleblog.com/2023/07/the-ups-and-downs-of-0-days-year-in.html

🎯 New RCA up for CVE-2022-4135, a Chrome itw 0-day that was patched in November!! The bug was discovered by Clement and the RCA authored by Sergei. #itw0days

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-4135.html

👀 New RCA up for CVE-2022-41033, a type confusion in Windows COM+ Event System Service by @tiraniddo@infosec.exchange !
#itw0days

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41033.html

First in-the-wild 0-day of 2023 🔥

CVE-2023-21674: Windows ALPC elevation of privilege discovered by Avast

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21674

All 2023 itw 0-days will be tracked here: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1746868651

#itw0days

Hiii! I'm taking 6 weeks off work to rest and recharge so won't be back on here until Jan. This is what I've done with my first week and a half off so far. This project will be on hold for a bit though as it's time for me to go on a surf vacation! 🏄🏽‍♀️​ See you in 2023!