https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html … thanks to @_clem1, @5aelo for their joint work on this. This has been a huge effort to pull apart and document almost every byte of a multi-year in-the-wild exploitation campaign, which used 14 different iOS exploits.
-
-
This is really incredible work! Is there a reason you published without identifying the network infrastructure associated with these attacks? Everyone I know is dying to search their web logs right about now.
- 1 more reply
New conversation -
-
-
Please follow for DM. I have questions about why you are not naming the targeted population.
-
My DMs are open for anyone who can provide detail on the exploited websites and targeted population.
End of conversation
New conversation -
-
-
But the vulnerabilities didnt change.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Very interesting. But as a journalist I have two question: - why now, in perfect time with new iphone launch invitation - why no words on the website that use these tecnique? Geo distribution, one sample, etc?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
A few lessons for
#SailfishOS and#auroraosThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Admitting that I have yet fully read, did you get any info in terms of attribution you can disclose? ;)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Great work, but one glaring omission: which websites were infected? Since neither you nor
@Google are disclosing these details, one is lead to speculate that that the infected website list would lead suspicions to a state actor in a major market => headaches for Google. Disclose!Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.