Malware years used runonly to five6/24/2023 On Thursday, macOS security expert Patrick Wardle published an analysis of Mac malware that came from someone who claimed it infected his fully up-to-date Mac through a zero-day vulnerability in Firefox. ![]() We are working to notify other orgs we believe were also targeted." Martin also published cryptographic hashes of code used in the attack, along with IP addresses the code contacted. ![]() "We were not the only crypto org targeted in this campaign. "We've seen no evidence of exploitation targeting customers," Martin added. The hackers then used the attack against employees of Coinbase, according to Philip Martin, chief information security officer for the digital currency exchange.ΔΆ/ We walked back the entire attack, recovered and reported the 0-day to firefox, pulled apart the malware and infra used in the attack and are working with various orgs to continue burning down attacker infrastructure and digging into the attacker involved. On Monday, as Mozilla was readying a fix for the array.pop flaw, unknown hackers deployed an attack that combined working exploits for both vulnerabilities. #Macos malware years runonly avoid five Patch Interestingly, a researcher at Google's Project Zero had privately reported the code-execution flaw to Mozilla in mid April. #Macos malware years runonly avoid five update On Thursday, Mozilla issued a second patch fixing a privilege-escalation flaw that allowed code to break out of a security sandbox that Firefox uses to prevent untrusted content from interacting with sensitive parts of a computer operating system. ![]() Mozilla released an update on Tuesday that fixed a code-execution vulnerability in a JavaScript programming method known as Array.pop.
0 Comments
Leave a Reply. |