In addition to Windows and the Chrome browser, the investigated group tried to attack Android smartphones. There, however, it used publicly known vulnerabilities (though not necessarily patched on a given device). Besides how the exploits themselves work, these parts of the article cover what happens after a mobile device is compromised: gaining full access, attempts to hide functionality from researchers, communication with the C&C server, and data exfiltration.
What else happened:
On Tuesday, January 12th, Microsoft released its first set of patches this year. It fixed 10 critical vulnerabilities, including a major issue in the Microsoft Malware Protection Engine.
Adobe, in addition to permanently blocking the Adobe Flash plugin, closed a number of recent vulnerabilities in its products, including a serious bug in Photoshop.
Kaspersky Lab experts discovered similarities between the malicious code used in the Sunburst attack and the Kazuar backdoor, known since 2017.
Starting February 9th, Microsoft will forcibly block insecure connections to domain controllers to prevent Zerologon attacks. We wrote about this vulnerability in detail in August. At that time, the radical solution to the problem had to be postponed so that administrators had time to prepare.
A critical vulnerability was discovered in the Orbit Fox WordPress plugin. This multifunctional plugin lets you generate registration forms, and errors in them can be used to gain full control over the site.