Latest Breaking News On - Adam weidemann - Page 7 : comparemela.com
Google: North Korean hackers are targeting researchers through fake offensive security firm
zdnet.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from zdnet.com Daily Mail and Mail on Sunday newspapers.
North Korean Hackers Expand Targeting of Security Community
infosecurity-magazine.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from infosecurity-magazine.com Daily Mail and Mail on Sunday newspapers.
Google’s latest Chrome 88 update fixes a security issue being actively exploited in the wild
February 06, 2021
×
Google has released the latest update for its Chrome Browser version 88.0.4324.150 which fixes a security issue that is being actively exploited in the wild.
The update is being rolled out for Windows, Mac and Linux over the coming days/weeks, Google said.
The tech giant has fixed a security bug with a high severity rating as part of the update. It did not provide much details about the vulnerability dubbed CVE-2021-21148.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” it said.
Google says North Korean hackers are targeting security researchers by Grant Gross Print this article
A group of North Korean hackers is attempting to compromise cybersecurity researchers through an intricate campaign, including a bogus cybersecurity blog and fake Twitter accounts, according to Google’s Threat Analysis Group.
TAG claims that the hacking group is backed by the North Korean government and is using a combination of a “novel” social engineering campaign and malware to target cybersecurity researchers in other parts of the world, according to a Jan. 25 blog post.
During its attempts to bill itself as a legitimate cybersecurity research organization, the hacking group invites researchers to collaborate through Visual Studio, a Microsoft development environment. The shared Visual Studio code contains malware, TAG said.
…
A vulnerability broker he had known for a while and trusted had introduced him to a new researcher called James Willy from New York, Caceres [said]. We hopped in a group chat, the three of us, and he sent me a Visual Studio project to take a look at a driver bug that caused a blue screen of death.
… James [said] it was linked to Google Chrome – an instant attention-grabber for bug hunters. Vulns affecting software used by tens of millions worldwide are rare and command hefty rewards. … The code was all legit, it was a real crash with potential security implications, but I wasn t careful when I opened the Visual Studio project. [But] opening some Visual Studio projects can cause code to execute, which was the North Koreans attack vector.
vimarsana © 2020. All Rights Reserved.