All news with #sandbox escape tag

Intellexa Continues Exploitation of Zero-Day Bugs Worldwide

🔍 Google Threat Intelligence Group (GTIG) analysis shows that Intellexa, vendor of the Predator spyware, continues to develop and deploy zero‑day exploits against mobile browsers and operating systems despite sanctions. GTIG attributes 15 unique zero‑days to Intellexa out of roughly 70 discovered since 2021, spanning RCE, sandbox escape, and LPE flaws on iOS, Android, and Chrome. The company uses modular exploit frameworks, acquires exploit chain steps from third parties, delivers payloads via one‑time messaging links and malvertising, and embeds anti‑analysis watcher modules to abort operations on detection.

Malware Analysis on AWS: Building Secure Isolated Sandboxes

🔒 This AWS blog explains how security teams can run malware analysis in the cloud while complying with AWS policies and minimizing risk. It recommends an architecture that uses an isolated VPC with no internet egress, ephemeral EC2 detonation hosts accessed via AWS Systems Manager Session Manager, and secure S3 storage via VPC gateway endpoints with encryption. The post emphasizes strong IAM and SCP guardrails, immutable hosts, automated teardown, centralized logging, and monitoring with CloudTrail and GuardDuty to maintain visibility and lifecycle control.