New Chrome Browser 0-day Under Active Attack—Update Immediately!

 By The Hacker News - 2021-02-05

Description

Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.

Summary

  • Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.
  • The security flaw was reported to Google by Mattias Buelens on January 24.
  • While it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft disclosed attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor.
  • In a separate technical write-up, South Korean cybersecurity firm ENKI said the North Korean state-sponsored hacking group known as Lazarus made an unsuccessful attempt at targeting its security researchers with malicious MHTML files that, when opened, downloaded two payloads from a remote server, one of which contained a zero-day against Internet Explorer. "

 

Topics

  1. Security (0.3)
  2. Backend (0.17)
  3. Management (0.11)

Similar Articles

North Korean Hackers Hide in Plain Sight

By hackernoon - 2021-02-01

On the evening of the 25th January 2021, Google’s Threat Analysis Group published details of a campaign targeting security researchers attributed by them to “a government-backed entity based in North ...

Linux malware backdoors supercomputers

By Help Net Security - 2021-02-02

ESET researchers discovered Kobalos, a malware that has been attacking supercomputers – high performance computer (HPC) clusters.

Platforms, bundling and kill zones

By Benedict Evans - 2020-12-29

What does it mean when Google, Microsoft or Apple turn your whole company into a feature? When do we let a tech giant build and when do we call the anti-trust lawyers? And what does that mean for Spot ...