(www.securityweek.com)

1. alphabetting ◴[20 Nov 24 02:02 UTC] No.42190173[source]▶

>The vulnerabilities, credited to Google’s TAG (Threat Analysis Group)

Do they find these by monitoring the brokers of zero days or analyzing devices of people who are being targeted?

replies(4): >>42190208 #>>42190296 #>>42190299 #>>42192485 #

2. wutwutwat ◴[20 Nov 24 02:09 UTC] No.42190208[source]▶

>>42190173 (TP) #

little of column a, little of column b

they also have insane peering and backbone network infra, run one of the largest cloud providers, host basically everyone's email, documents, and file storage, chat, app store, and have a native browser installed

I'm sure they have many different signals they can look at to see compromised type behavior differing from the profile they have on you

3. myHNAccount123 ◴[20 Nov 24 02:26 UTC] No.42190296[source]▶

>>42190173 (TP) #

I suspect firebase crashlytics is the source of many

4. ledoge ◴[20 Nov 24 02:26 UTC] No.42190299[source]▶

>>42190173 (TP) #

There's actually a very recent talk about this! https://www.youtube.com/watch?v=2zrcemxCg4Y

replies(1): >>42193241 #

5. xorcist ◴[20 Nov 24 10:21 UTC] No.42192485[source]▶

>>42190173 (TP) #

Both, but also a lot of original research. They are public about this.

6. tonfa ◴[20 Nov 24 12:19 UTC] No.42193241[source]▶

>>42190299 #

I also found a recent article: https://www.nzz.ch/english/googles-spyware-hunters-track-sta...

↑

Apple Confirms Zero-Day Attacks Hitting macOS Systems