Google Shares New Info About Vulnerabilities Found In Chrome via @sejournal, @MattGSouthern
Google shares new research into the growing threat of commercial spyware.
Google security researchers are sharing new information about vulnerabilities detected in Chrome, Firefox, and Windows.
In a blog post, Google and Threat Analysis Group (TAG) detail steps taken since discovering a commercial spyware operation with ties to Variston IT.
Based in Barcelona, Spain, Variston IT claims to provide custom security solutions. However, the company is connected to an exploitation framework called “Heliconia.”
Heliconia works in three ways:
- It exploits a Chrome renderer bug to run malware on a user’s operating system.
- It deploys a malicious PDF document containing an exploit for Windows Defender.
- It utilizes a set of Firefox exploits for Windows and Linux machines.