Tracking cyber activity in Eastern Europe
In early March, Google’s Threat Analysis Group (TAG) published an update on the cyber activity it was tracking with regard to the war in Ukraine. Since our last update, TAG…
Countering threats from North Korea
On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups' activity has been publicly tracked…
Exposing initial access broker with ties to Conti
In early September 2021, Threat Analysis Group (TAG) observed a financially motivated threat actor we refer to as EXOTIC LILY, exploiting a 0day in Microsoft MSHTML (CVE-2021-40444). Investigating this group's…
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need…
TAG Bulletin: Q1 2022
This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q1 2022. It was last updated on February 28, 2022.JanuaryWe terminated 3 YouTube channels as part of our…