In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- PDF Feature ‘Certified’ Widely Vulnerable to Attack
May 26, 2021
Certified portable document format (PDF) files are used to securely sign agreements between two parties while keeping the contents’ integrity protected, but a new report found the security protections on most certified PDF applications were inadequate and left organizations exposed to a number of attacks. Researchers from Ruhr University Bochum explained certified PDFs use two specific ...
- Elizabethan England has nothing on modern-day Russia
May 26, 2021
The threat landscape is changing. Organizations need to defend against an ever-evolving tranche of threat actors. For a long time, the lines that distinguish state-sponsored and crimeware groups were well-defined. We believe this is no longer the case. In today’s landscape, there are groups that, although their modus operandi (MO) is consistent with crimeware groups, ...
- BazaLoader Masquerades as Movie-Streaming Service
May 26, 2021
There’s a new, fake movie-streaming service in town called BravoMovies, and the offerings are utter garbage. Despite its pretty pictures and fun-sounding titles, it’s got nothing to offer for download besides BazaLoader malware. BazaLoader is a loader used to deploy ransomware or other types of malware and to steal sensitive data from victimized systems. On Wednesday, Proofpoint ...
- New Rowhammer attack exploits the design of ever-shrinking and more dense DRAM chips
May 26, 2021
Google has detailed its work discovering a new Rowhammer vulnerability dubbed “Half-Double”, which evolves the style of attack on DRAM memory first reported in 2014 and suggests the Rowhammer problem won’t go away soon. The Rowhammer attack is unusual because it aims to cause “bit flips” by rapidly and repeatedly accessing data in one memory row ...
- Evolution of JSWorm ransomware
May 25, 2021
Over the past few years, the ransomware threat landscape has been gradually changing. We have been witness to a paradigm shift. From the massive outbreaks of 2017, such as WannaCry, NotPetya, and Bad Rabbit, a lot of ransomware actors have moved to the covert but highly profitable tactic of “big-game hunting”. News of ransomware causing ...
- Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises
May 25, 2021
Attacks on control processes supported by operational technology (OT) are often perceived as necessarily complex. This is because disrupting or modifying a control process to cause a predictable effect is often quite difficult and can require a lot of time and resources. However, Mandiant Threat Intelligence has observed simpler attacks, where actors with varying levels ...