Tuesday January 28, 2020
Home Lead Story Google Chrome...

Google Chrome Web Browser Has Been Spotted with an Exploited Vulnerability

Certain similarities in the code point to a possible link between this campaign and Lazarus attacks

0
//
Google Chrome
The new exploit in Google Chrome is used in attacks that leverage a waterhole-style injection in a Korean-language news portal. Pixabay

A new exploited vulnerability in Google Chrome web browser called “CVE-2019-13720”, which is a zero-day vulnerability, has been spotted by Russian cyber security firm Kaspersky. The firm has reported it Google and a patch has been released.

Zero-day vulnerabilities are essentially previously unknown software bugs that can be exploited by attackers to inflict serious and unexpected damage.

The detected exploit was used in what the cyber security firm calls ‘Operation WizardOpium’.

Certain similarities in the code point to a possible link between this campaign and Lazarus attacks.

“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” Anton Ivanov, Security Expert at Kaspersky, said in a statement.

The new exploit is used in attacks that leverage a waterhole-style injection in a Korean-language news portal.

Google Chrome
A new exploited vulnerability in Google Chrome web browser called “CVE-2019-13720”, which is a zero-day vulnerability, has been spotted by Russian cyber security firm Kaspersky. Pixabay

A malicious JavaScript code is inserted in the main page, which in turn, loads a profiling script from a remote site to further check if the victim’s system could be infected by examining versions of the browser’s user credentials.

The vulnerability tries to exploit the bug through the Google Chrome browser and the script checks if version 65 or later is being used.

ALSO READ: 300 Teams in the Field in Delhi to Fight Air Pollution

The exploit gives an attacker a Use-After-Free (UaF) condition, which is very dangerous because it can lead to code execution scenarios. (IANS)

Next Story

Wikipedia Crosses Milestone Of Having Over 6 Million Articles in English Language

Following the English edition, which hit the five million-mark in late 2015, are the German version with about 2.3 million articles, and the French version, which has about 2.1 million articles

0
Wikipedia
Wikipedia is available in several languages, but its English version has the most number of articles. Wikimedia Commons

The world’s largest online multilingual encyclopedia, Wikipedia, has now crossed the milestone of having more than six million articles in English language.

The feat, which comes roughly 19 years after the website was founded, is a testament of “what humans can do together,” said Ryan Merkley, chief of staff at Wikimedia, the nonprofit organisation that operates the omnipresent online encyclopedia, TechCrunch reported on Friday.

The six millionth article is about Maria Elise Turner Lauder, a 19th-century Canadian school teacher, travel writer and fiction writer.

Wikipedia, Books, Encyclopedia, Subjects, Hand, Iphone
The world’s largest online multilingual encyclopedia, Wikipedia, has now crossed the milestone of having more than six million articles in English language. Pixabay

Wikipedia is available in several languages, but its English version has the most number of articles.

ALSO READ: Vivo Creates History By Grabbing Second Spot in Indian Smartphone Market

Following the English edition, which hit the five million-mark in late 2015, are the German version with about 2.3 million articles, and the French version, which has about 2.1 million articles, the report added. (IANS)