In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- FIN7 Capitalizes on Windows 11 Release in Latest Gambit
September 3, 2021
The FIN7 financial cybercrime gang is back, delivering JavaScript backdoors using Word documents themed around the next version of Windows. That’s according to researchers at Anomali, who observed a recent campaign from the group that leveraged six different docs, all referencing “Windows 11 Alpha” – the “Insider Preview” version of the upcoming Windows 11 operating system ...
- Confessions of a ransomware negotiator: Well, somebody’s got to talk to the criminals holding data hostage
September 3, 2021
Many people outside of IT believe computers will do away with jobs, but the current ransomware plague shows that new and more curious kinds of jobs are created at least as fast. So what sort of background sets you up to talk to people holding your data for ransom? To find out, The Reg talked to ...
- Bluetooth Bugs Open Billions of Devices to DoS, Code Execution
September 2, 2021
Researchers have disclosed a group of 16 different vulnerabilities collectively dubbed BrakTooth, which impact billions of devices that rely on Bluetooth Classic (BT) for communication. According to an academic paper from the University of Singapore, the bugs are found in the closed commercial BT stack used by at least 1,400 embedded chip components, that can lead ...
- Cisco Releases Security Updates for Cisco Enterprise NFVIS
September 2, 2021
Cisco has released security updates to address a critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS) Release 4.5.1. A remote attacker could exploit this vulnerability to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- QakBot technical analysis
September 2, 2021
QakBot, also known as QBot, QuackBot and Pinkslipbot, is a banking Trojan that has existed for over a decade. It was found in the wild in 2007 and since then it has been continually maintained and developed. In recent years, QakBot has become one of the leading banking Trojans around the globe. Its main purpose is ...
- In space, no one can hear cyber security professionals scream
September 2, 2021
“Space is an invaluable domain, but it is also increasingly crowded and particularly susceptible to a range of cyber vulnerabilities and threats.” That’s not an overblown sci-fi movie strapline, but rather the chilling words of Gina Galasso, managing director of The Aerospace Corporation UK, a member of the international collaborative organisation, Space ISAC (the Space Information ...