Tag: Chrome | Page 3

Google Rolls Out Chrome Fix For First Chrome Zero-Day Exploit of 2024

January 17, 2024/in Internet Security

Google has recently addressed the first Chrome zero-day vulnerability exploited in the wild in the new year with security updates. The vulnerability, identified as CVE-2024-0519, is a high-severity issue related to an out-of-bounds memory access weakness in the Chrome V8 JavaScript engine. Attackers could exploit this vulnerability to gain unauthorized access to data beyond the memory buffer, potentially leading to exposure of sensitive information or causing a system crash.

What is a Zero Day Vulnerability?

A zero-day vulnerability refers to a security flaw in software or hardware that is actively exploited by attackers before the vendor or developer becomes aware of it. The term “zero-day” indicates that there are zero days of protection for users from the time the vulnerability is discovered by malicious actors until a fix or patch is made available.

Attacks on the real world

In response to reports of the CVE-2024-0519 exploit being used in real-world attacks, Google released security updates for users in the Stable Desktop channel. The patched versions were made available globally for Windows (120.0.6099.224/225), Mac (120.0.6099.234), and Linux (120.0.6099.224) users within a week of the vulnerability being reported to Google. Although the update may take some time to reach all impacted users, it was immediately accessible for manual installation, and Chrome users can also rely on the browser’s automatic update feature.

The vulnerability involves a situation where the expected sentinel is not located in the out-of-bounds memory, leading to excessive data being read. This can result in a segmentation fault or buffer overflow. MITRE explains that the product may modify an index or perform pointer arithmetic referencing a memory location outside the buffer boundaries, producing undefined or unexpected results. Besides unauthorized access to out-of-bounds memory, CVE-2024-0519 could be exploited to bypass protection mechanisms like ASLR, making it easier for attackers to achieve code execution through another weakness.

Google has not provided detailed information about the specific incidents where CVE-2024-0519 exploits were used. The company stated that access to bug details and…

Source…

Homeland Security warns federal agencies of hackers targeting Google Chrome, Excel spreadsheets

January 16, 2024/in Computer Security

The Cybersecurity and Infrastructure Security Agency, or CISA, is issuing a new warning: your Google Chrome browser and Excel spreadsheets could be at risk of an attack. The agency identified two new exploits that could give hackers easy access to your computer.

Federal agencies have until January 23 to make sure they’re protected. Here are some ways to make sure you’re protected too.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS, AND EASY HOW-TO’S TO MAKE YOU SMARTER

Homeland Security warns federal agencies of hackers targeting Google Chrome, Excel spreadsheets

Microsoft logo on keyboard (Kurt “CyberGuy” Knutsson)

Microsoft Excel’s new exploit

Hackers are targeting Microsoft Excel using a huge vulnerability in a library that reads Excel files. The bug is in a library called Spreadsheet::ParseExcel. It allows hackers to run malware remotely. Specifically, hackers can utilize a string in the library to run programs on your computer.

This exploit has popped up before. Security firm Barracuda noticed Chinese hackers using the exploit last month. They would create custom Excel attachments to exploit the bug and run any program they wanted to.

While Barracuda addressed this with a patch, they say open-source libraries could still be at risk. The company also issued a warning to anyone who uses Spreadsheet::ParseExcel, recommending they review the bug and take any necessary action.

Google Chrome browser on laptop (Kurt “CyberGuy” Knutsson)

MORE: THE 7 SIGNS YOU’VE BEEN HACKED

Google Chrome’s bug

Google’s eighth day zero attack comes in the form of an attack on an open-source project. WebRTC allows web browsers and mobile applications to communicate in real-time. However, hackers are using it to overload your browser and either cause it to crash or give them permission to do whatever they want. This exploit doesn’t just affect Google Chrome. It also affects other open-source web browsers using WebRTC to communicate. Google issued an emergency fix just last month, but there’s more you can do to protect yourself.

Four essential tips to secure your devices and data from hackers and scammers

To protect yourself from malicious hackers and scammers, we recommend you do the following four things.

1) Be cautious about using open-source…

Source…

Google Downplays Undocumented Chrome API Exploited by Malware to Extend Account Theft: Report

January 8, 2024/in Computer Security

Updated Jan 8, 2024, 07:45 AM IST

While Google downplays the severity, security experts raise alarms about the implications of this undocumented Chrome API vulnerability.

A simmering cyberwarfare saga just took a concerning turn, with researchers uncovering a novel technique employed by malware to prolong access to stolen Google accounts. While Google downplays the severity, security experts raise alarms about the implications of this undocumented Chrome API vulnerability.

Malware’s New Trick: In late November, reports emerged of malware like Lumma and Rhadamanthys reviving expired Google authentication cookies, essentially granting attackers persistent access to victims’ accounts. Now, this tactic has gained traction, with four more malware families including Stealc, Medusa, RisePro, and Whitesnake adopting the same method.

The Undocumented Weapon: The key to this extended breach lies in an obscure Google OAuth “MultiLogin” API endpoint, discovered by cybersecurity firm CloudSEK. This API, initially believed to sync accounts across Google services, seems vulnerable to manipulation.

Exploiting the Loophole: Researchers suspect malware abuses this API by stealing two crucial tokens from Chrome: regular authentication cookies and a special “Refresh” token. With the Refresh token, even after stolen cookies expire, the malware can generate new ones, perpetuating unauthorized access. This essentially extends the malware’s lifespan within targeted accounts.

Google’s Murky Response: BleepingComputer’s attempts to understand the MultiLogin API have been met with silence from Google. The only documentation exists within Chrome’s source code, leaving security experts and users in the dark about its intended purpose and potential vulnerabilities.

Concerns on the Rise: Security researchers like Pavan Karthick of CloudSEK are sounding the alarm. They highlight the ease with which malware exploits this undocumented API, granting attackers extended access to sensitive user data, including emails, documents, and contacts. Furthermore, the lack of transparency from Google regarding the purpose and security of this API only amplifies the concerns.

Beyond Technicalities: The…

Source…

Alert: New Chrome Zero-Day Vulnerability Being Exploited

January 2, 2024/in Internet Security

Google, in light of recent events, has launched a critical update for a high-severity Chrome zero-day vulnerability. As per recent reports, Google claims that the vulnerability has been actively exploited. It’s worth noting that the vulnerability pertains to the WebRTC framework and, when exploited, can lead to program crashes or arbitrary code execution. Given its severity, it has raised significant online security risks.

In this article, we’ll dive into details of the vulnerability and the countermeasures Google has implemented to keep the vulnerability from being exploited further.

Chrome Zero-Day Vulnerability Discovered

As of now, Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group (TAG) are the two personnel credited with discovering the vulnerability. However, details of any other security defects resulting in Google Chrome exploits have not been released till now, as it prevents further exploits. Despite this, Google has acknowledged that:

“An exploit for CVE-2023-7024 exists in the wild.”

The Chrome zero-day vulnerability, identified as CVE-2023-7024, is being described as a heap-based buffer overflow bug in the WebRTC framework. Those concerned about their internet browser safety and online security posture must know buffer overflows can be used for the execution of arbitrary code outside of the program’s implicit security policy.

They can also be used to write function pointers pertaining to the attacker’s code. In cases where the exploit leads to arbitrary code execution, additional web browser security services can be subverted by the attacker. It’s worth mentioning that such browser vulnerabilities raise significant concerns pertaining to online security risks.

Google Chrome has widespread usage across multiple platforms and is often used by high-value targets. Such circumstances make exploiting the Chrome zero-day vulnerability a feasible option for threat actors, as it can be used to expand the attack surface once initial access has been acquired.

Chrome Security Updates

As far as countermeasures for the vulnerability are concerned, Google has stated that: “Access to bug details and links may be kept restricted until…

Source…

Tag Archive for: Chrome

Microsoft Excel’s new exploit

Google Chrome’s bug

Four essential tips to secure your devices and data from hackers and scammers

1) Be cautious about using open-source…

While Google downplays the severity, security experts raise alarms about the implications of this undocumented Chrome API vulnerability.

Chrome Zero-Day Vulnerability Discovered

Chrome Security Updates