Google’s Threat Analysis Group (TAG) has linked three exploitation frameworks and several vulnerabilities that were likely exploited as zero-day exploits at some point to Variston, a Spanish commercial spyware vendor.
Variston claims to offer specialized security solutions on its website. The Barcelona-based business provides industrial control systems (ICS) and Internet of Things (IoT) embedded systems with security products and specialized patches. Additionally, training and data discovery services are provided.
Also Read: Analyzing CISA’s Cross-Industries Cybersecurity Performance Objectives
After receiving an anonymous submission in the Chrome bug bounty programme, Google learned about Variston’s products. Three vulnerabilities were mentioned by the reporter, and TAG researchers discovered Variston after analyzing the reports.
Read More: Google Links Exploitation Frameworks to Spanish Spyware Vendor Variston
