In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- $5.2 billion in BTC transactions tied to top 10 ransomware variants – US Treasury
October 15, 2021
More than $5 billion in bitcoin transactions has been tied to the top ten ransomware variants, according to a report released by the US Treasury on Friday. The department’s Financial Crimes Enforcement Network (FinCen) and Office of Foreign Assets Control (OFAC) released two reports illustrating just how lucrative cybercrime related to ransomware has become for the ...
- Security Risks with Private 5G in Manufacturing Companies Part. 2
October 15, 2021
The steel industry is a prime area for installing Private 5G Private 5G is said to bring about the “democratization of communications.” This technology allows private companies and local governments to take the driving seat in operating the latest information communication systems. However, not all organizations have the knowledge and ability to deal with telecom technology, ...
- TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
October 15, 2021
The cybercriminals behind the infamous TrickBot trojan have signed two additional distribution affiliates, dubbed Hive0106 (aka TA551) and Hive0107 by IBM X-Force. The result? Escalating ransomware hits on corporations, especially using the Conti ransomware. The development also speaks to the TrickBot gang’s increasing sophistication and standing in the cybercrime underground, IBM researchers said: “This latest development ...
- New Yanluowang ransomware used in targeted attacks
October 14, 2021
The Symantec Threat Hunter Team, a part of Broadcom Software, has uncovered what appears to be a new ransomware threat called Yanluowang that is being used in targeted attacks. In a recent attempted ransomware attack against a large organization, Symantec obtained a number of malicious files that, upon further investigation, revealed the threat to be a ...
- Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes
October 14, 2021
Recently, Unit 42 has observed active exploits related to an open-source service called Interactsh. This tool can generate specific domain names to help its users test whether an exploit is successful. It can be used by researchers – but also by attackers – to validate vulnerabilities via real-time monitoring on the trace path for the ...
- Secure Manufacturing on Cloud, Edge and 5G
October 13, 2021
Global manufacturers need to digitize their manufacturing processes and transform their business into a digital enterprise. Digital manufacturing is an advancement that many businesses have been using, with 60% of factories already using the cloud (87% including businesses who will soon implement it) and 26% with Private 5G already implemented (67% including enterprises who will ...