Security blank (zero-day vulnerability) was found in Google's browser, Google Chrome.
Kaspersky greater private IT security company in the world immediately updated Google, which released a browser update. After a thorough review of the issue, Google confirmed that it was a zero-day vulnerability.
Zero-day vulnerabilities are previously unknown software errors that can be exploited by attackers to cause serious and unexpected damage.
The vulnerability tries to exploit the error through the Google Chrome browser and the script checks whether version 65 or later is used. The exploit gives an attacker a Use-After-Free (UaF) condition, which is very dangerous because it can lead to code execution scenarios.
The detected exploit was used in what Kaspersky experts called "Enterprise WizardOpium".
Some similarities in the code indicate a possible link between this campaign and the attacks by the Lazarus team. In addition, the profile of the targeted website is similar to that found in previous DarkHotel digital spy attacks, which have recently developed similar false flag attacks. The vulnerability exploited was identified by Kaspersky's Vulnerability Prevention technology, embedded in most of the company's products.
"The discovery of a new zero-day in Google Chrome released online on the Internet proves once again that only through collaboration between the security community and software developers, as well as through continued investment in vulnerability prevention technologies, can we be safe against sudden and covert attacks by threatening agents, "said Anton Ivanov, a security expert at Kaspersky.
Kaspersky recommends the following security measures:
- Install the Google patch for the new vulnerability as soon as possible.
- Make sure you regularly update the software used in your organization each time a new security patch is released. Security products with Vulnerability Assessment and Patch Management capabilities may help automate these processes.
- In addition to adopting effective endpoint protection, implement a corporate solution that detects advanced network-level threats at an early stage, such as the Kaspersky Anti Targeted Attack Platform.
- Make sure your security team has access to the latest digital threat information. Private reports on the latest developments in the threat landscape are available to Kaspersky Intelligence Reporting clients. For more details, contact: [email protected]
- Lastly, make sure your staff is trained to understand and follow the basic steps of digital hygiene.