Tag: browser
-
RomCom nutzt Firefox und WindowsDay-Schwachstellen aus
by
in SecurityNewsESET Forscher finden bisher unbekannte Sicherheitslücke in Mozilla-Produkten und eine weitere Schwachstelle in Microsoft Windows, die in einem Zero-Click-Exploit kombiniert wurde First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/romcom-nutzt-firefox-und-windows-zero-day-schwachstellen-aus/
-
Google Introduces V8 Sandbox in Chrome to Enhance Security
by
in SecurityNewsGoogle has unveiled a new feature called the V8 Sandbox in its Chrome web browser to address memory corruption issues, aiming to protect against vulne… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/google-chrome-v8-sandbox/
-
Google Patches Chrome’s Fifth Zero-Day of the Year
by
in SecurityNewsFirst seen on threatpost.com Jump to article: threatpost.com/google-patches-chromes-fifth-zero-day-of-the-year/180432/
-
Deutsche im Visier: Wie Hacker Nutzer per Firefox angreifen ohne dass sie klicken müssen
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/deutsche-im-visier-hacker-nutzer-per-firefox-angreifen-1660477/
-
New RomCom attacks involve Windows, Firefox zero-day exploits
First seen on scworld.com Jump to article: www.scworld.com/brief/new-romcom-attacks-involve-windows-firefox-zero-day-exploits
-
Russian APT RomCom combines Firefox and Windows zero-day flaws in drive-by exploit
by
in SecurityNews
Tags: access, antivirus, apt, attack, backdoor, browser, business, computer, cve, cybercrime, cyberespionage, defense, endpoint, exploit, flaw, germany, government, group, insurance, intelligence, malicious, microsoft, msp, password, powershell, russia, software, threat, ukraine, vulnerability, windows, zero-dayA Russia-aligned group that engages in both cybercrime and cyberespionage operations used a zero-click exploit chain last month that combined previously unknown and unpatched vulnerabilities in Firefox and Windows.The campaign, whose goal was to deploy the group’s RomCom backdoor on computers, targeted users from Europe and North America. The APT group, also known as Storm-0978,…
-
Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor
Watch out for the Russian hackers from the infamous RomRom group, also known as Storm-0978, Tropical Scorpius, or UNC2596, and their use of a custom backdoor. First seen on hackread.com Jump to article: hackread.com/russian-hackers-firefox-windows-0-days-backdoor/
-
Kein Klick nötig: Russische Hacker attackieren Windows-Nutzer via Firefox
by
in SecurityNewsFür einen erfolgreichen Angriff reicht der bloße Besuch einer speziell präparierten Webseite. Deutschland ist bei den Zielregionen ganz vorne mit dabei. First seen on golem.de Jump to article: www.golem.de/news/kein-klick-noetig-russische-hacker-attackieren-windows-nutzer-via-firefox-2411-191188.html
-
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled
by
in SecurityNewsA Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities”, one in Mozilla Firefox and another in Microsoft Windows Task Scheduler. These vulnerabilities, identified as CVE-2024-9680 and CVE-2024-49039, were chained together to allow the group to execute arbitrary code and install malicious backdoors on…
-
Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows
by
in SecurityNewsRussia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/romcom-apt-zeroday-flaws-firefox/
-
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery. The post Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/russian-apt-chained-firefox-and-windows-zero-days-against-us-and-european-targets/
-
Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America
by
in SecurityNewsThe Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The first zero-day exploited by the Russian group, is a use-after-free…
-
RomCom Exploits Zero-Days in Firefox (CVE-2024-9680) Windows (CVE-2024-49039) with No User Interaction
by
in SecurityNews
Tags: attack, browser, cybersecurity, exploit, microsoft, russia, threat, vulnerability, windows, zero-dayIn a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day vulnerabilities in both Mozilla Firefox and Microsoft Windows. These vulnerabilities”, previously... First seen on securityonline.info Jump to article: securityonline.info/romcom-exploits-zero-days-in-firefox-cve-2024-9680-windows-cve-2024-49039-with-no-user-interaction/
-
Firefox 133.0 Released with Multiple Security Updates What’s New!
Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical security fixes. This latest release enhances privacy, developer tools, and enterprise functionality while introducing several new features and updates. Here’s everything you need to know! One of the most exciting additions is the new Bounce Tracking Protection, available in Firefox’s Enhanced…
-
‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
by
in SecurityNewsThe innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/romcom-apt-zero-day-zero-click-browser-escapes-firefox-tor
-
Russian hackers exploit Firefox, Windows zero-days in wild
by
in SecurityNewsRomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers. First seen on Jump to article: /www.techtarget.com/searchsecurity/news/366616460/Russian-hackers-exploit-Firefox-Windows-zero-days-in-wild
-
Russia-linked hackers exploited Firefox and Windows bugs in ‘widespread’ hacking campaign
by
in SecurityNewsThe Russia-aligned RomCom gang exploited the vulnerabilities to target hundreds of Firefox users across Europe and North America. First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/26/russia-linked-hackers-exploited-firefox-and-windows-zero-day-bugs-in-widespread-hacking-campaign/
-
RomCom Hackers Exploits Windows Firefox Zero-Day in Advanced Cyberattacks
by
in SecurityNewsIn a new wave of cyberattacks, the Russia-aligned hacking group >>RomCom>The compromise chain is composed of a […] The post RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/romcom-hackers-exploits-windows-firefox-zero-day/
-
Firefox and Windows zero-days exploited by Russian RomCom hackers
by
in SecurityNewsRussian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers/
-
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
by
in SecurityNewsThe Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems.”In a successful attack, if a victim browses a web page containing the exploit, an…
-
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
by
in SecurityNewsRussia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/26/romcom-backdoor-cve-2024-9680-cve-2024-49039/
-
Google-Browser wird sicherer – Chrome warnt dominant vor gefährlichen Downloads
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/google-verstaerkt-malware-warnungen-a-9a95ac1c04a8b5e59a5e6f9305368ae0/
-
DOJ Orders Google to Sell Chrome to End Search Monopoly: A Possible Game-Changer for Competition
by
in SecurityNewsThe U.S. Department of Justice (DOJ) has proposed a series of remedies to curb Google’s dominance in the online search market. This proposal includes a demand of selling Google Chrome, one of the most popular internet browser on the market. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/doj-orders-google-chrome-sale/
-
DOJ Asks Google to Sell $20 Billion Worth Chrome to End Monopoly
In a dramatic escalation of its antitrust lawsuit against Google, the U.S. Department of Justice (DOJ) has proposed sweeping changes to the tech giant’s operations, including the forced sale of its Chrome browser and potentially its Android operating system. The proposal, which aims to address concerns over Google’s dominance in search distribution, has sparked sharp…
-
DOJ Proposes Breaking Up Google: Calls for Sale of Chrome Browser
by
in SecurityNewsThe DOJ proposes tough proposals in its antitrust lawsuit against Google, including selling the Chrome browser, limiting search… First seen on hackread.com Jump to article: hackread.com/doj-propose-breaking-up-google-selling-chrome-browser/
-
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-bitwarden-ads-on-facebook-push-info-stealing-chrome-extension/
-
Google Chrome 129 legt Fokus auf Zertifikate, HTTP-Sicherheit und AI
by
in SecurityNewsFirst seen on computerbase.de Jump to article: www.computerbase.de/2024-09/google-browser-chrome-129-legt-fokus-auf-zertifikate-http-sicherheit-und-ai
-
Mozilla Foundation lays off 30% staff, drops advocacy division
by
in SecurityNewsThis is the second layoff at Mozilla this year, the first affecting dozens of staff on the side of the organization that builds the popular Firefox br… First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/05/mozilla-foundation-lays-off-30-staff-drops-advocacy-division/
-
Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies
by
in SecurityNewsThe Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. Glove Stealer is a .NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators,…
-
Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption
by
in SecurityNewsThe Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks. The post Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/glove-stealer-malware-bypasses-chromes-app-bound-encryption/