all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analyzing a Modern In-the-wild Android Exploit

Add to bookmarks
g
Sept. 19, 2023, 4:01 p.m. | noreply@blogger.com (Google Project Zero)

Project Zero googleprojectzero.blogspot.com

By Seth Jenkins, Project Zero

Introduction


In December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsung Android devices. TAG’s blog post covers the targeting and the actor behind the campaign. This is a technical analysis of the final stage of one of the exploit chains, specifically CVE-2023-0266 (a 0-day in the ALSA compatibility layer) and CVE-2023-26083 (a 0-day in the Mali GPU driver) as well as the techniques used by the attacker to gain kernel …

actor analysis android android devices blog blog post campaign cve december devices exploit google jenkins project samsung stage tag targeting technical technical analysis threat threat analysis threat analysis group

Visit resource

More from googleprojectzero.blogspot.com / Project Zero

Pr
The Windows Registry Adventure #2: A brief history of the feature 1 week, 2 days ago | googleprojectzero.blogspot.com
database feature google google project zero +13
Pr
The Windows Registry Adventure #1: Introduction and research results 1 week, 2 days ago | googleprojectzero.blogspot.com
bugs december december 2023 escalation +22
Pr
First handset with MTE on the market 5 months, 3 weeks ago | googleprojectzero.blogspot.com
arm back brand device +12
Pr
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit 6 months, 2 weeks ago | googleprojectzero.blogspot.com
amnesty amnesty international analysis apple +29
Pr
Analyzing a Modern In-the-wild Android Exploit 7 months, 1 week ago | googleprojectzero.blogspot.com
actor analysis android android devices +19
Pr
Summary: MTE As Implemented 8 months, 3 weeks ago | googleprojectzero.blogspot.com
access arm blog blog post +13
Pr
MTE As Implemented, Part 1: Implementation Testing 8 months, 3 weeks ago | googleprojectzero.blogspot.com
access architecture arm brand +12
Pr
MTE As Implemented, Part 3: The Kernel 8 months, 3 weeks ago | googleprojectzero.blogspot.com
access architecture arm brand +11
Pr
MTE As Implemented, Part 2: Mitigation Case Studies 8 months, 3 weeks ago | googleprojectzero.blogspot.com
access architecture arm brand +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Officer Hospital Laguna Beach

@ Allied Universal | Laguna Beach, CA, United States
View on infosec-jobs.com

Sr. Cloud DevSecOps Engineer

@ Oracle | NOIDA, UTTAR PRADESH, India
View on infosec-jobs.com

Cloud Operations Security Engineer

@ Elekta | Crawley - Cornerstone
View on infosec-jobs.com

Cybersecurity – Senior Information System Security Manager (ISSM)

@ Boeing | USA - Seal Beach, CA
View on infosec-jobs.com

Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs