A couple of weeks ago, Windhawk, the customization marketplace for Windows programs, was released. You can read the announcement for more details and for the motivation behind creating it. In this post, I’ll focus on my journey in implementing the technical aspects of Windhawk. If you prefer reading code to reading text, check out the demo implementation.
By Juha Saarinen on Jan 13, 2021 11:10AM
Highly sophisticated attackers used four zero-days.
Google's Project Zero security researchers have published a detailed six-part analysis of a set of vulnerabilities found on two exploit servers early last year that were to be used in so-called watering hole attacks, in which compromised web servers are used to hack targets.
The report details what Project Zero says is the work of a highly sophisticated actor who operates a complex targeting infrastructure.
Project Zero did not indicate who the actor might be, but said the exploit chains found are designed for efficiency and flexibility through their modularity.